NHS services across Scotland were plunged into chaos on Friday after being caught up in a global cyber attack.
More than half of Scottish health boards fell victim to the ransomware strikes using malware called Wanna Decryptor that initially hit health trusts in NHS England.
Staff were forced to revert to pen and paper and use their own mobiles after the attack took out key systems, including telephones.
Hospitals, GP practices and dental surgeries were among those affected by attack which locks a computer and demands payment before allowing access again.
First Minister Nicola Sturgeon chaired a resilience meeting on the issue and Police Scotland confirmed they were working closely with the National Cyber Security Centre and the National Crime Agency to support the investigation.
Prime Minister Theresa May said the attack was “not targeted” at the NHS, but was part of a wider assault on organisations across a number of countries.
Hospitals in England were forced to divert emergency ambulances and cancel operations as a major incident was declared.
Among the worst hit in Scotland was NHS Lanarkshire which closed down its non-essential IT network and urged patients only to attend A&E if absolutely necessary.
Scottish Health Secretary Shona Robison said: “Scottish Government health officials are currently working closely with affected boards to assess the extent of the problem, and take steps to isolate systems, which have been affected by a Ransomware cyber attack of the kind which has also affected health trusts in NHS England.
“We are taking immediate steps to minimise the impact of the attack across NHS Scotland and restrict any disruption.
“Our priority is to ensure that boards are supported to deal with this incident swiftly, and that services to patients can continue to run effectively.”
Eight of Scotland’s 14 health boards confirmed they were affected last night including NHS Glasgow, Dumfries and Galloway, Borders, Forth Valley, Tayside, Western Isles and Fife.
Several GP practices were badly hit.
Doctors records in general practice are fully computerised, holding details of what drugs patients are prescribed.
Dr Emma Fardon, a GP in Dundee, said: “It became very obvious at around 1pm.
“I came back from house visits to find all our computers hit by the virus.
“It was the red display asking for the money. We can’t access any patient records.
“Everything is fully computerised. We have no idea what drugs people are on or the allergies they have. We can’t access the appointments system.”
She added: “We’ve had to try and phone as many people to rearrange their appointments to next week.
“It’s had a massively disruptive effect. We can’t process any documents, can’t issue prescriptions, or look up results.
“We’re trying to accommodate who we can. We are still seeing people who really need it. We’ve had glitches in the past but I’ve never seen anything as bad as this. We’ve no idea how long it will last for.”
The first indication of the cyber-attack in the UK came around 3.30pm yesterday afternoon when organisations within NHS England reported that computers had been hit by a ransomware attack using Wthe anna Decryptor malware.
Pictures posted on social media showed screens of NHS computers with images demanding payment of 300 dollars worth of the online currency Bitcoin, threatening to delete files within seven days.
There were then reports of computer infections in as many as 74 countries, including the UK, US, China, Russia, Spain, Italy and Taiwan with security researchers linking the incidents together. Spanish Telecoms firm Telefonica one of those reporting problems.
In a statement last night, Theresa May said: “We are aware that a number of NHS organisations have reported that they have suffered from a ransomware attack.
“This is not targeted at the NHS, it’s an international attack and a number of countries and organisations have been affected.
“The National Cyber Security Centre is working closely with NHS digital to ensure that they support the organisations concerned and that they protect patient safety. And, we are not aware of any evidence that patient data has been compromised.”
At the Royal London Hospital operations were cancelled and staff were ordered not to touch their computers. United Lincolnshire Hospitals NHS Trust cancelled all outpatient, endoscopy, cardiology and radiology weekend appointments.
As yet there is no indication of who is behind the attack or exactly how it infected NHS systems. It was being reported last night that the ransomware used may derive from a tool developed by the US National Security Agency (NSA).