NHS organisations across the country are braced for a possible recurrence of Friday’s cyberattack when staff return to work today.
Cyber security experts have warned that the ransomware virus, which affected one in five NHS Trusts, could be reactivated by computers and devices that have not yet been switched on.
On Sunday evening seven acute hospital Trusts continued to experience major disruption and were diverting patients away from A&E for a third consecutive day.
In total 47 organisations reported being affected by the cyberattack and the disruption will continue into the new working week.
NHS regional director for London, Anne Rainsberry, told Sky News: “If you have not heard from your hospital and you have an appointment, our message is you should attend as normal.”
But she warned patients: “It may be a little bit slower when you get there because hospitals are using different systems, so please be patient.”
Trusts in Lincolnshire and Southport and Ormskirk cancelled all routine appointments for Monday, and staff have been warned to exercise caution when logging in.
United Lincolnshire Trust and Northumbria Healthcare NHS Trust used social media to warn staff that they should not switch on any devices unless they have been specifically cleared by their manager.
Northumbria Healthcare said: “All staff should report for duty tomorrow as usual – however please DO NOT switch on or log in to any laptops, mobile devices or desktop PCs until advised to do so by your line manager.”
Ciaran Martin, chief executive of the National Cyber Security Centre, warned there could be a fresh wave of victims on Monday.
“We’ve not seen a wave of new attacks since Friday, but what’s likely to happen tomorrow (Monday) is that organisations that didn’t know they were affected on Friday might find that out tomorrow.
“And organisations that were affected on Friday, and over the weekend, might find that some of the problems have spread. That’s not to say that the attacks are new – it’s a repercussion of what happened on Friday.”
The Nissan car plant in Sunderland is still suffering from issues caused by the ransomware attack which forced car production to a halt on Friday night.
Workers began making cars again on Sunday night but at a slower pace than usual.
One worker told Sky News that IT resources from the factory’s two separate production lines had been pooled to enable one to start up again.
Production was halted by the attack a few hours before a planned shutdown for the weekend, resulting in the firm saying in a statement yesterday that it had “no major impact”.
A Nissan spokesman said the full Sunday night shift was at work and it was “business as usual” at the factory.