This story was first published in digitalhealth.net
‘Basic IT security’ could have saved NHS from WannaCry attack, report says
The NHS could have avoided the ‘relatively unsophisticated’ WannaCry ransomware attack in May with ‘basic IT security’, according to a new report.
The National Unit Office (NAO) said that 19,500 medical appointments were cancelled, computers at 600 GP surgeries were locked and five hospitals had to divert ambulances elsewhere as a result of the ‘relatively unsophisticated attack’.
The NAO and the Department of Health was unable to cost the impact of the outbreak and the full extent of the damage may never be known.
Overall, 81 NHS organisations in England were affected - a third of the total.
NAO said the attack could have been prevented by basic IT practices. As early as 2014, the Department of Health and the Cabinet had written to NHS trusts, saying it was essential they had ‘robust plans’ to migrate from old software. In March and April 2017, NHS Digital issued critical alerts warning organisations to fix the exact bug in their Windows computers that later allowed WannaCry to quickly spread.
Before the attack, NHS Digital carried out an ‘on-site cybersecurity assessment’ at 88 out of the 236 health trusts inEngland. None passed.
Amya’s Morse, the head of the NAO, said: “The WannaCry cyber-attack had potentially serious implications for the NHS and its ability to provide care to patients.
“It was a relatively unsophisticated attack and could have been prevented by the NHS following basic IT security best practice. There are more sophisticated cyber-threats out there than WannaCry so the Department and the NHS need to get their act together to ensure the NHS is better protected against future attacks.”
Meg Hillier, chairwoman of the public accounts committee, said: “The NHS could have fended off this attack if it had taken simple steps to protect its computers and medical equipment. Instead, patients and NHS staff suffered widespread disruption, with thousands of appointments and operations cancelled.
“The NHS and the department need to get serious about cybersecurity or the next incident could be far worse.”
Latest News
16/02/2024 - 12:56
Hammersmith and Fulham Council has created a new alliance intended to clean dirty air and improve residents' health.
16/02/2024 - 10:44
Two million more GP appointments a month are being delivered for patients compared to the same month before the pandemic as part of the NHS primary care access recovery plan according to new NHS data.
15/02/2024 - 10:26
The Welsh Government has provided innovation funding of £380,000 to support two projects utilising technology in domiciliary care.
15/02/2024 - 10:13
The new Scottish health secretary has met with frontline staff at Queen Elizabeth University Hospital in Glasgow.
14/02/2024 - 10:27
The North East London NHS Foundation Trust (NELFT) has appointed three new Executive Directors to the Trust Board.
Product Features
UK Building Regulations highlight toxic gas and smoke from layers of paint built up over multiple redecorations as a major cause of permanent ill health or death in a building fire.
Their concern rose with discovery the flame retardant paints most widely used paint along escape routes have been ones which to this day counter-productively use emission of heavy toxic gas to smother flames which rapidly spread along walls if layers of paint delaminate in a fire.
Supplier Profiles
Northwich’s Victoria Infirmary (VIN) Community Diagnostic Centre (CDC) has enabled more patients
Adveco, the commercial hot water specialist, announces the launch of live metering of domestic ho
Latest Features
Sarah Greenslade, public affairs and communications officer at the British Parking Association looks at some of the problems and innovations in healthcare parking
It’s easy to assume that the comms team is there to handle press enquiries and the occasional social media storm – but the reality is that strategic communications can make a measurable impact across the entire organisation, from operational to financial, when done properly
