News broke on Friday that government systems across the world had been hacked and ransoms demanded in so-called "ransomware" attacks, with computer systems at a number of NHS trusts in England and Wales affected.
Internal communications were hit at several hospitals. PRWeek understands that staff at Barts NHS Trust in London were forced to use personal email addresses, text messages and Snapchat to communicate with each other after work emails addresses were affected.
A Barts Health spokesman said: "As soon as we could on Friday, we posted a statement on our website and we have updated this regularly over the weekend, and drawn attention to it through social media channels. We are asking patients to attend any scheduled appointments unless they are specifically contacted to be told they are cancelled."
The NHS has been advising patients about the steps it has been taking and how anyone seeking medical treatment should act. It confirmed that a "small number" of hospitals have had to cancel patient appointments whilst they recover their IT systems.
The political fallout has focused on whether more could have been done to prevent the attacks. Speaking to BBC Breakfast, Home Secretary Amber Rudd said that any "holes" in the system would emerge in the coming days.
Rudd said: "There may be lessons to learn from this but the most important thing now is to disrupt the attack. Let's come back afterwards to whether there are lessons to be learned."
Former NHS Digital chairman Kingsley Manning told BBC Radio Four's PM programme: "We were very well aware that [a cyber attack] was a threat and indeed the Secretary of State and the Government has always seen it as being a threat."
PRWeek asked PR professionals to give their take on how the crisis has been handled from a comms perspective, and what messages should be relayed now.
Avril Lee, MD Health UK & EMEA, MSLGroup
"I think the biggest learning for the NHS is that, beyond ensuring they have adequate computer security protection, they need operational and comms protocols for such situations. My understanding is that in certain hospitals there was a complete shutdown in services – from chemo suites and A&E to even issuing prescriptions or taking phone calls (yes their phones run through the computer system too). Clinical staff were forced to agree a plan of action on the day as the outage was taking place, indeed many have worked over the weekend to establish working practices to enable some form of care today. With phones down and no comms plan, staff took to social media to try to get information to patients and their families.
"There doesn’t appear to have been cross-Trust comms protocols and it took some time for those who were affected to realise who else was affected. On the messaging front, the NHS was right to stress this was not a specific hacking attack on them, but rather a global offensive against many organisations and companies. While this doesn’t help all those with no or limited IT today, it has protected the NHS from more negative coverage and blame.
"Indeed, I think most people think such an attack, which puts lives at risk for bitcoins, is shocking and immoral and are willing to see the NHS as an unfortunate victim. As we get more insight into how the NHS have been managing IT security, this may change. Going forward, the NHS will need to address the IT and comms challenges related to this to earn our already limited trust on their guardianship of our data."
Yvonne Eskenzi, director, Eskenzi PR
"The NHS cyber attack shows the chaos and mass disruption that security issues can cause, so it does beg the question – why weren’t basic cyber security practises followed, particularly in such a vital public service as the NHS? The way it was handled by the NHS highlighted the need for continuity plans when something like this occurs, as it was haphazard, disjointed and lacking a credible security expert from the NHS. The public was looking for someone credible, knowledgeable with some amount of gravitas from the NHS to stand up and provide reassurance. And what it got instead was puff, bravado and panic.
"Unfortunately, it’s unlikely to be the first or last time something like this happens, so in the future organisations (not just the NHS) will need to prepare a continuity plan and a person with a senior position in cyber security to reassure and guide the public through the turbulence cyber attacks can create.
"This latest attack was only the tip of the iceberg as ‘internet of things’ and connected devices start taking over the workplace and our daily lives, so it’s vital we at least get the basics right to prevent attacks, such as ransomware, from spreading within networks. In this instance, the relevant patch was made available months ago, so failing to take these measures is pretty unforgivable given today’s cyber threat landscape."
Alun James, MD, Four Communications
"I think three factors helped the NHS and government in their response: the recent exposure given to hacking at all levels from politics, to industry sectors, to individual businesses; the acceptance that the NHS is large, bureaucratic and unwieldy; and that the cyber-attack was international, not limited to the UK.
"The messages going forward need to be nuanced and balanced: encouraging alertness while providing reassurance; acknowledging the dynamic nature of the threat while presenting a robust and evolving response; and a combination of leadership and involvement. The Government is being proactive, but we all need to play our part."
Rod Clayton, executive vice president and co-lead, Global Issues and Crisis, Weber Shandwick
"The real issue here is a broad one that does not only affect the NHS, but any organisation running any software that is no longer supported (such as Windows XP).
"Many organisations face the tough choice of balancing risk management with tight budgets. Too often, organisations pray for sunshine and don't insure themselves against clear risks. Cyber attacks are not a matter of 'if', but 'when'.
"The lesson is not only to ensure that systems are up-to-date, it is also to ensure that crisis plans are in place and up-to-date and that teams are regularly trained to handle issues that, increasingly, seem inevitable."
Pat Pearson, MD, Firstlight PR
"What was particularly striking about this crisis was the fact health secretary Jeremy Hunt was missing. From the start, home secretary Amber Rudd took the lead for the government, highlighting the fact this was a broader international cyber attack. I think this was the right decision.
"With the nurses contemplating strike action, ongoing questions about health service funding and the fact that the NHS is always an election issue, Jeremy Hunt would have acted as a lightning rod for adverse headlines. Keeping the story broad, whilst reinforcing what the government has done to boost NHS cyber security has deflected what could have been a very damaging situation."