Investigation: WannaCry cyber attack and the NHS

The National Audit Office has investigated the NHS’s response to the cyber attack that affected it in May 2017 and the impact on health services. You can find the key findings below:

• The Department was warned about the risks of cyber attacks on the NHS a year before WannaCry to which they did not formally respond until July 2017.

• The attack led to disruption in at least 34% of trusts in England although the Department and NHS England do not know the full extent of the disruption.

• Thousands of appointments and operations were cancelled.

• The Department, NHS England and the National Crime Agency told National Audit Office that no NHS organisation paid the ransom, but the Department does not know how much the disruption to services cost the NHS.

• The cyber attack could have caused more disruption if it had not been stopped by a cyber researcher activating a ‘kill switch’ so that WannaCry stopped locking devices.

To conclude, Amyas Morse, head of the National Audit Office highlights that Wannacry was a relatively unsophisticated attack and could have been prevented by the NHS following basic IT security best practice. In addition, The Care Quality Commision have recommended that all health and care organisations need to provide evidence that they are taking action to improve cyber-security, such as through the ‘Cyber Essentials’ scheme.

Download full report here.