Next steps following global attack.
Activity to help keep people, businesses and the public sector safe when using digital technology will be stepped up following Friday’s global cyber attack.
Work to recover affected NHS systems remains ongoing with operations likely to return to normal ahead of Monday morning. Key actions to enhance Scotland’s cyber resilience include:
- Close liaison with the National Cyber Security Centre (NCSC) and NHS Scotland this weekend to ensure the cause and nature of the attacks are identified
- The Scottish Government will convene an extraordinary meeting of the National Cyber Resilience Leaders’ Board on Tuesday to review the circumstances that led to the attack, the multi-agency responses and steps that should be taken to enhance future resilience
- A lessons learned exercise to help mitigate the risks from further attacks as far as possible
- Direct contact with public bodies in all sectors across Scotland to ensure that they are aware of the risk and have the appropriate measures in place.
Justice Secretary Michael Matheson said:
“Friday’s attack has highlighted the need for everyone to have appropriate and robust measures in place to protect against cyber-attacks which could strike any IT system at any time.
“NHS Scotland systems are being recovered, we expect them to have returned to normal by Monday, and it is important to emphasise that there is no evidence that patient data has been compromised. Patients who have appointments booked for Monday and beyond should attend as planned.
“However, we must remain particularly vigilant against further incidents and the Scottish Government is taking action to enhance security, including contacting over 120 public bodies to ensure they have appropriate defences in place.
“One of the most common methods of infecting computer systems is through links and attachments in emails. Therefore I would urge everyone to think twice before clicking on attachments or links from sources that they don’t know.
“Police Scotland has been working closely with the National Crime Agency who are leading the UK-wide law enforcement investigative response, and this will continue. I would like to thank everyone at the NHS and other bodies who have been working round the clock to deal with this very serious incident and keep any impact on patient care to an absolute minimum.”
The National Cyber Security Centre has issued guidance for organisations protect systems from ransomware.