Findings from the Comptroller and Auditor General from the NHS wannaCry Ransomware infection in 2017
Some interesting points
“On Friday 12 May 2017 a global ransomware attack, known as WannaCry, affected
more than 200,000 computers in at least 100 countries. In the UK, the attack particularly
affected the NHS, although it was not the specific target. At 4 pm on 12 May, NHS England
declared the cyber attack a major incident and implemented its emergency arrangements
to maintain health and patient care. On the evening of 12 May a cyber-security researcher
activated a kill-switch so that WannaCry stopped locking devices.
According to NHS England, the WannaCry ransomware affected at least 80 out of
the 236 trusts across England, because they were either infected by the ransomware or
turned off their devices or systems as a precaution. A further 603 primary care and other
NHS organisations were also infected, including 595 GP practices.
The Department was warned about the risks of cyber attacks on the
NHS a year before WannaCry and although it had work under way it did not
formally respond with a written report until July 2017.
Between 12 May and 18 May, NHS England collected some information on cancelled
appointments, to help it manage the incident, but this did not include all types of
appointment. NHS England identified 6,912 appointments had been cancelled, and
estimated more than 19,000 appointments would have been cancelled in total, based
on the normal rate of follow-up appointments to first appointments. NHS England told
us it does not plan to identify the actual number because it is focusing its efforts on
responding appropriately to the lessons learned from WannaCry.”
Read the full report here
Some other interesting links