NHS could have avoided WannaCry attack by taking 'simple action'

Thousands of appointments were cancelled after the Wanna Cry attack

Last may, several NHS hospitals were hit by the global WannaCry ransomware attack.

Britain said on Friday it believed North Korea was behind the "WannaCry" cyber attack in May that disrupted businesses and government services worldwide, including the National Health Service (NHS) in England.

The report said NHS trusts had not acted on critical alerts from NHS Digital and a warning from the Department of Health and the Cabinet Office in 2014 to patch or migrate away from vulnerable older software. "It was a relatively unsophisticated attack and could have been prevented by the NHS following basic IT security best practice", said Amyas Morse, head of the NAO.

For example, the Secretary of State for Health asked the National Data Guardian and the Care Quality Commission to undertake reviews of data security, with reports published in July 2016 that warned the Department of Health that cyber attacks could lead to patient information being lost or compromised.

The cyber attack could have caused more disruption if it had not been stopped by a cyber researcher activating a "kill switch" so that WannaCry stopped locking devices.

Prior to the attack, the Department of Health didn't have any formal mechanism for checking whether local NHS organisations were following their advice on cybersecurity issues.

The full scale of the incident saw over 19,000 medical appointments cancelled, according to the report, and computers at 600 surgeries shut down.

"The Department of Health failed to agree a plan with the NHS locally for dealing with cyber attacks so the NHS response came too late in the day".

At least 6,900 NHS appointments were cancelled as a result of the attack.


It had been warned about the risks of cyberattacks more than a year before.

No NHS organisations paid the ransom demanded by the malware.

An assessment of 88 out of 236 trusts by NHS Digital before the attack found that none passed the required cyber-security standards. "However, the NAO said, the Department of Health "does not know" how many NHS organisations could not access records or receive information, because they shared data or systems with an infected trust".

The lack of a rehearsal for an attack meant "it was not immediately clear who should lead the response and there were problems with communications".

All were running computer systems - the majority Windows 7 - that had not been updated to secure them against such attacks.

The report concluded by saying that the NHS accepted there were "lessons to learn" from the attack, and that it was taking action to make sure an attack of this magnitude did not happen again.

"The WannaCry cyber attack had potentially serious implications for the NHS and its ability to provide care to patients".

In one way, the NHS was lucky - if, instead of a Friday in May, the attack had taken place on a Monday in winter, with a week's appointments affected, the damage would have been far worse.

Related:

Comments

Latest news

UK GDP comes in at 0.4% for third quarter, beating estimates
In response to the figures Chancellor Phillip Hammond said: "The UK economy is successful and resilient". Manufacturing also boosted the economy with an improved performance after a weak second quarter.

FIFA Under-17 WC: Its England vs Spain in Finale
Hudson-Odoi clipped the ball across the penalty area from the left, and Brewster turned it goalwards from point-blank range. The striker, from just six yards out from goal, sent a tame header trickling wide, not even hitting the target.

Demonetisation: Nov 8 is 'anti black money day'
He also quoted a recent International Monetary Fund report that projected India will achieve an eight per cent growth rate soon. Jaitley also hit out at the Congress over its plans to observe the day because the demonetisation decision was "ill conceived".

Switch Now Has GameCube Controller Support
If there were to be a new Smash title in the future, it would certainly be a good idea to have the controller support ready. To use a GameCube controller , simply connect it to the Switch's dock and pair it by hitting your L and R buttons.

GM's earnings beat, forecast lift shares; supply glut shrinks
Additionally General Motors Company recently announced a dividend for shareholders which was paid on Friday September 22nd, 2017. Eagle Management Ltd Limited Liability Company has invested 2.43% of its portfolio in General Motors Company (NYSE:GM).

Kenya: 3 Ask Supreme Court to Stop Poll
The court hearing will occur even though Kenya's interior ministry has declared Wednesday and Thursday to be public holidays. Khalifa said the three want elections postponed until the electoral commission can deliver a credible vote.

New Study Shows Link Between Gut Bacteria And Breast Cancer
For the breast cancer study, researchers examined the tissue of 78 patients who underwent mastectomies related to breast cancer. Others, known as oestrogen-receptor negative, are not affected by the hormone and are more hard to treat.

BJP irks critics for demanding cuts in Tamil movie 'Mersal'
Incidentally, Parasakti was a film that was penned by DMK leader Karunanidhi, which had late Shivaji Ganesan in the lead role. Congress vice-president Rahul Gandhi has told Prime Minister Narendra Modi not to "interfere" in the Tamil film " Mersal ".

Egyptian policemen, troops killed in clashes with militants
Fifteen militants, who were reported to belong to an extremist group called Hasm, also died in the attack. Earlier reports said that 14 police officers were killed and eight others injured during the clashes.

Donald Trump pledges to release John F. Kennedy's assassination files
The President, no stranger to conspiracy theories himeslf, may also have a personal interest in some of the released documents. At the weekend, President Donald Trump announced on Twitter he did not plan to stand in the way of the scheduled release.

Storm Brian: Northern Ireland forecast to void worst of 'weather bomb'
Tipperary is not included in the list of counties with high-wind warnings, neighbouring counties Clare, Cork, and Waterford are. Check in with the website and follow the progress of Storm Brian live as it hits Ireland and Kilkenny this weekend.

Coca-Cola Company (The) (NYSE:KO) Updated Broker Ratings
Paradigm Research downgraded the stock to "Hold" rating in Thursday, April 7 report. (NYSE:BLK) rating on Sunday, August 13. Also, there are 0 buy, 0 sell and 0 strong sell ratings, collectively assigning a 2.6 average brokerage recommendation.

Israeli-Developed Breakthrough Cancer Drug Receives FDA Approval
Diffuse large B-cell lymphoma is the most common aggressive non-Hodgkin lymphoma, roughly three out of every five cases. Locke, MD, medical oncologist at Moffitt Cancer Center, told Oncology Nursing News at the 2017 AACR Annual Meeting.

De Bruyne: Man City, United fighting for title
The Clarets have beaten Chelsea and Everton on the road this year and drawn at Tottenham and Liverpool. I think past year we played good football but, especially in the big games, we didn't win them.

Nintendo Claims Two-Thirds of September Video Game Hardware Sales
It's so easy to! With the latest #Firmware Update , players can finally record videos on a handful of Nintendo Switch games. There's no waiting for any downloads - you can start playing the game the moment it's officially "out".

Other news