NHS faces weekend of chaos after 'major' cyber attack
Video report by ITV News correspondent Paul Davies
The NHS is facing a weekend of chaos as IT experts work "around the clock" to restore vital computer systems hit by a debilitating cyber attack.
Operations and appointments were cancelled for patients across the country as up to 40 trusts in England and Scotland were hit by the ransomware.
Other health organisations shut down servers as a precautionary measure leaving hospitals and GP surgeries with a backlog of postponed appointments to deal with.
The spread of the malware is thought to have been stopped after two cyber security researchers stumbled upon a "kill switch" in the malware code, but that is cold comfort for organisations in the more than 70 countries affected.
Accoridng to the National Cyber Security Centre (NCSC), the computer virus has hit "thousands of organisations and individuals in dozens of countries".
Ciaran Martin, the NCSC chief executive, said teams were "working round the clock" with UK and international partners and with private sector experts to lead the response.
He said: "We are very aware that attacks on critical services such as the NHS have a massive impact on individuals and their families, and we are doing everything in our power to help them restore these vital services."
As the scale of the security breach became clear on Friday afternoon, ambulances were diverted and patients told to avoid some A&E departments.
Staff were forced to revert to pen and paper and used their own mobiles after key systems were affected, including telephones.
Prime Minister Theresa May said the attack on the NHS was part of a wider international situation, and that there is no evidence that patient data had been compromised.
The NHS systems are believed to have been hit by a ransomware cyber attack using malware called "Wanna Decryptor".
It works by encrypting files on a user's computer, blocking them from view and threatening to delete them unless a payment is made.
NHS Digital said there is no evidence that patient data has been accessed, but warned that investigations are "at an early stage".
Pictures posted on social media showed screens of NHS computers with images demanding payment of 300 US dollars worth of the online currency Bitcoin, saying: "Ooops, your files have been encrypted!"
It adds: "Maybe you are looking for a way to recover your files, but do not waste your time."
It demands payment in three days or the price is doubled, and if none is received in seven days the files will be deleted.
The attack came as several companies in Spain were hit by ransomware attacks. Telecoms firm Telefonica was one of those reporting problems.
Security chiefs and ministers have repeatedly highlighted the threat to Britain's critical infrastructure and economy from cyber attacks.
Last year the Government established the NCSC to spearhead the country's defences and in the three months after the centre was launched there were 188 "high-level" attacks as well as countless lower-level incidents.
Barts Health in London - the biggest health trust in the country - confirmed it was experiencing "major IT disruption" and delays at all of its hospitals.
Several health boards in Scotland have confirmed they are affected, with NHS Greater Glasgow and Clyde, NHS Dumfries and Galloway and NHS Forth Valley confirming some of their GP surgeries have been caught up in the incident.
"I was told computers would be down until Monday"
Emma Simpson took her son Sebastian to a Barts Health hospital for an X-ray on his broken toe and was told systems were down - and would be until "at least Monday":
NHS medical staff tweeted about systems being down at various locations.
Trusts reportedly affected include:
Barts Health in London
North Cumbria
Blackpool Teaching Hospitals
Colchester Hospitals University
East Lancashire
Nottingham
East and North Hertfordshire