NAO releases findings into WannaCry NHS investigation
The National Audit Office (NAO) has published a report on the WannaCry ransomware attack that affected the NHS earlier this year.
It led to disruption in at least 34 per cent of NHS trusts in England.
The NAO said its investigation focused on the attack’s impact on the NHS and its patients, as well as how the Department of Health (DoH) and NHS national bodies responded to the attack.
Among the key findings of the report was that the DoH was warned about the risks of cyber attacks on the NHS a year before the WannaCry attack and, although it had work on the issue under way, it did not formally respond with a written report until July 2017.
The NAO said the DoH and Cabinet Office wrote to trusts in 2014, saying it was essential they had “robust plans” to migrate away from older and less secure software, such as Windows XP, by April 2015.
In March and April 2017, NHS Digital had issued critical alerts warning organisations to patch their systems to prevent WannaCry. However, the NAO revealed that before May 12th 2017, the DoH “had no formal mechanism for assessing whether local NHS organisations had complied with their advice and guidance and whether they were prepared for a cyber attack”.
The NAO also found that the attack could have caused more disruption if it had not been stopped by a researcher activating a ‘kill switch’ so that WannaCry stopped locking devices. Illustrating this, the NAO said between May 15th and mid-September, NHS Digital and NHS England identified a further 92 organisations, including 21 trusts, as contacting the WannaCry domain. However, it acknowledged that some of these may have been contacting the domain as part of their cyber security activity.
Amyas Morse, head of the National Audit Office, said: “The WannaCry cyber attack had potentially serious implications for the NHS and its ability to provide care to patients. It was a relatively unsophisticated attack and could have been prevented by the NHS following basic IT security best practice.
“There are more sophisticated cyber threats out there than WannaCry so the Department [of Health] and the NHS need to get their act together to ensure the NHS is better protected against future attacks.”