How did SCW respond to the Cyber Incident in May 2017?

The recent cyberattack across the NHS resulted in significant disruption to local health systems, SCW was at the forefront of the recovery response.

The recent cyberattack across the NHS resulted in significant disruption to local health systems and, as suppliers of IT services across a number of CCGs and NHS Trusts, SCW was at the forefront of the recovery response.

On 12 May, the new zero-day virus was detected in Spain at around 2.30pm and quickly spread throughout Europe and onwards across the world. SCW IT Services (ITS) along with other NHS organisations across the UK, detected infections in GP practices from around 3pm.

Our response was to treat the first infection as a Priority 1 (P1) incident. However, it soon became clear that this was a major cyber attack requiring invocation of both our ITS Service Continuity Plan and the entire SCW Business Continuity Plan.

We are pleased to report that the following actions were effective in the management of these issues:

  • A fully documented and tested IT Service Continuity Plan worked as designed.
  • A rigorous security patching policy and process ensured minimal exposure
  • A command and control centre established in our Taunton IT engineering and storage facility was available 24x7 and fully networked
  • The SCW teams were able to work remotely with customers and to communicate using the WebEx communications collaboration platform – screen sharing, voice and video were invaluable and all available on a single platform
  • The SCW Gold and Silver teams for managing responsibility for business continuity worked as designed.