More4 News has discovered that the isolated reports of viral infestation within several NHS (National Health Service) hospitals are much worse and troublesome than initially thought. A resulting inquiry after the latest threat was contained showed the medical establishments' collective failure to follow basic security and protection regulation for avoiding malware infection.

In November of 2008, the MyTob worm created enormous administrative problems at three London-based hospitals—the Royal London, Bards, and the London Chest Hospital—that are all part of the NHS Trust. The minor infestation compelled the institutions to temporarily reroute ambulances because of hampered medical operations while the worm was being removed. Several staff members were also forced to use pen and paper backups in order to continue their work.

The abovementioned incident is quite reminiscent of the Conficker worm dilemma of a Sheffield-based NHS hospital. Researchers believe that the two events are possibly related to each other in that they serve as symptoms of wider security inadequacies across the NHS Trust. This matter is of great importance to the NHS specifically because it has surfaced during a time when the organization is about to launch its £13 billion electronic patient records system that depends on IT systems in order to provide better patient care.

More4 News interviewed every NHS Trust located in England to gather data about whether or not they experienced a malware infection over the last year or so. The polls shows that over 8,000 computer viruses, worms, trojans, and whatnot had infected NHS machines over the period and, more importantly, reported twelve cases where clinical departments have been compromised. Furthermore, the establishments that needed to cope with malware infections on a daily basis include Leeds Teaching Hospitals, Bradford Teaching Hospitals, Poole, Isle of Wight, and Basingstoke & North Hampshire.

The overall impression of the different cyber attacks varied as well.  For example, computers at Maidstone and Tunbridge Wells became completely inaccessible after one such malware incident. Also, a separate outbreak in Newcastle left hospital staff incapacitated when it came to running administrative systems, which caused a nearly month-long backlog in schedules and appointments. In contrast, the West Middlesex Trust contagion only victimized a solitary dictaphone.