NHS staff in Wales can send out emails – but they can’t receive any. Incoming emails are being blocked and deleted.

No one outside the NHS can now send emails to any NHS hospitals and surgeries in Wales – including Penarth’s Llandough Hospital and GP practices in Penarth.

The NHS across the whole of Wales is now blocking the receipt of emails from any source other than internal official NHS senders.

Llandough Hospital Penarth

The action has been taken following last week’s internet attack on the NHS in England when a cyber criminals dispatched so-called “WannaCry” malware into  hospital IT systems which is designed to freeze essential files unless a ransom is paid in untraceable “Bitcoins” for a code to unlock them.

Computer experts advised NHS chiefs  – and anyone else hit by “WannaCry” –  NOT to pay up – as there’s no evidence that, once a ransom is paid,  the crooks bother making any further contact with the victims and don’t send them codes to unscramble their locked files.

What the “WannaCry” ransomeware screen looks like .

On Friday the NHS in Wales had said it had not been affected by the malware attack –  but over the weekend the organisation has changed its stance and now says  “Due to the NHS England cyber attack, we have blocked all inbound emails (external senders and NHS England) to NHS Wales.”

The move means that although NHS staff  in Wales can  send out emails to NHS staff  in England, they can’t receive emailed replies.

NHS Wales says “Blocked emails will be dropped and deleted. Client services supported file shares have also been disabled until Monday as a precaution”. The position is to be reviewed tomorrow (Monday May 15 2017)

Much of the software in the NHS in Wales is out of date but systems in GP practices are now in the process of being upgraded  – a “cluster ” at a time –  to Microsoft Office 2016.

The NHS Wales Informatics Service has also introduced what it describes as “a secure National Directory and Email service”  – known as NADEX – which replaced a “previously fragmented approach to logon security and email management”.

The NADEX system allows users to log-on to systems and services regardless of where they access a computer.   The National E Mail service provides “a single up-to-date address book and allows health professionals to share diaries with colleagues across organisations within NHS Wales.”  It also provides an email address “for life” for as long as staff remain within NHS Wales @wales.nhs.uk

About NewsNet

Penarth Daily News email address dmj@newsnet.uk . Penarth Daily News is an independent free on-line fair and balanced news service published by NewsNet Ltd covering the town of Penarth in the Vale of Glamorgan, Wales, UK. All our news items are based on the information we receive or discover at the time of publication and are published on the basis that they are accurate to the best of our knowledge and belief at that time. Comments posted on the site by commentators reflect their opinions and are not necessarily shared, endorsed or supported by Penarth Daily News.
This entry was posted in Penarth Daily News. Bookmark the permalink.


  1. Philip Rapier says:

    Well done Labour Coop AM Health Minister Vaughan Gething for getting this absolutely right. Cardiff and Vale Trust as far as I am aware binned the no longer updated with security patches Windows XP a considerable time ago.
    England’s Health Supremo Jeremy Hunt and Teresa May refused to pay Microsoft a mere £5.5 million for ongoing exclusive patching of systems until they were able to afford to join NHS Wales in the 21st Century IT .(Jeremy Hunt earns £1 million a year. )
    According to the Daily Mirror multi millionaire Jeremy was playing Cricket at Millfield Public School in the middle of the crisis.
    Worse still rumour has it Trident Submarines are running on Windows XP.

    • Plainjane says:

      ‘some time ago’ was way before VGs time Mark Drakeforf or Lesley Griffiths maybe?

    • Alun says:

      You may want to check your facts, doing a quick walk around the Heath hospital you can see numerous windows XP machines, I know I saw them there only last week.

  2. This move also means that patients can no longer order their repeat prescriptions from their GP as has been the case for the last couple of years. A “Trip to the Doctor” is now required once again.

    • ColaniXL says:

      …or they could use the My Health Online service to order their repeat prescription.

  3. Peter Church says:

    The reason Wales has apparently been spared is because the IT systems in Wales NHS don’t talk to each other, even in some trusts, e.g. Abertawe Bro Morgannwg various parts of the trust cant see each other They rely on paper records.

    So sometimes being backwards does help.

  4. Mark Foster says:

    Congratulations to Vaughan Gething. He got it right.

    Vaughan Gething: over £11m to improve cyber security in the NHS
    26 September 2016, Welsh Government

    Health Secretary Vaughan Gething has announced £11.33m of investment into NHS information technology equipment and services.

    The money will be used by health boards and other health organisations to replace ageing equipment, strengthen systems against cyber-attack and improve back-up infrastructure in the Welsh NHS.

    Vaughan Gething said:

    “The money will be shared between all the health boards and a range of other NHS organisations, including Velindre and the Welsh Ambulance Service.

    “This funding will enable NHS organisations to purchase new PCs and laptops, to improve WiFi connectivity and invest in servers, storage and improved back-up capacity.

    “More efficient, more reliable IT systems will help all elements of the NHS to work more effectively and more flexibly, and to improve the service they can offer to patients.

    “This investment is in response to what NHS organisations tell us they need to ensure that their IT infrastructure remains safe, secure and fit for purpose into the future.”

    In Powys Teaching Health Board, the funding will further support the roll out of the Welsh Community Care Information System. This will enable safe sharing of information and help to deliver improved care and support, linking up services including social care, mental health care, district nurses, health visitors and services for older people.

    Within Velindre NHS Trust, the funding allocated has been prioritised towards critical infrastructure replacements that will provide the opportunity to implement and develop future patient centric services.

    • Mark Foster says:

      Of course they could have done even better by breaking the big government corporate nexus and gravitating the NHS systems to Linux where an attacker cannot install malware like WannaCry because passworded administrative rights are needed to execute to update the files. Also of course, the software to enable this was developed by the USA government NSA which the British GCHQ are in bed with. The NSA themselves were hacked. When Donald Trump talked about draining the swamp, this is what he meant. These ideas are beyond both the Labour and Tory parties and Philip Rapier.

      “I’ve never heard so far of a ransomware for Linux.
      The fact is UNIX/Linux systems are harder to compromise, because they’re hierarchical.
      If you’re not root, or administrator, you can’t do a thing.
      Windows allows ordinary users to wreak havoc and run pretty much anything.”

      • E Vole says:

        You clearly have no understanding of OS architecture and have bought into to the old Linux is more secure myth. All OS carry vulnerabilities, how secure a system is, is dependant on how it is deployed and configured. I.e where it sits on the “ease of use triangle”. You want security be prepared to give up ease of use and functionality. (E.g turn off external email) Oh and security through obscurity is not security. Btw this is coming from a nix guy, I am just OS agnostic.

      • Mark Foster says:

        Just explain to me how you can encrypt a file on a Unix box if you haven’t got the root password. BTW this is coming from an IT researcher.

  5. AK says:

    Interesting to see that the ‘ransom’ is demanded in untraceable bitcoins; which we are told is the next big way to transfer money around.

    Seems like that theory requires some more work

Comments are closed.