The WannaCry Cyber Security Attack Aftermath

Share on Social

It is Throwback Thursday, so we’re looking at the Wannacry Cyber Security Attack which hit in May 2017.

So what was WannaCry?

It was a type of malware known as a ransomware worm, which exploited unpatched computers and was adapted to trigger a ransom request. The attack, which began on 12 May 2017, impacted 200,000 computers in 150 countries around the world.

The impact on the NHS

WannaCry had a crippling effect on the NHS – it is believed to have infected machines at 81 health trusts plus computers at almost 600 GP surgeries.

It led to ambulances being diverted, vital equipment such as MRI scanners and X-ray machines being taken offline, and the cancellation of at least 6900 NHS appointments, including operations.

By the time the outbreak hit in May 2017, ransomware had been steadily growing as a top security concern for years. In its report on WannaCry and the NHS, the National Audit Office (NAO) made it clear that NHS trusts had failed to act on critical alerts and warnings in 2014 to patch and upgrade older software.

The mainstream attention WannaCry generated fuelled renewed interest in learning how infections work, how to handle them effectively, and how to avoid them altogether. For many organisations, including the NHS, addressing ransomware quickly became IT security priority #1.

The Cyber Security Programme

Eighteen months on from this attack, it has been reported that the NHS still has a long way to go before its trusts are completely cyber secure. However, the NHS’s Cyber Security Programme is working to ensure that measures are actively in place to protect NHS assets and services, and to strengthen resilience against cyber attacks.

Since 2017 the Government has invested £60 million to address key cyber security weaknesses, with a further £150 million pledged over the next three years to improve resilience.

A new multimillion-pound Microsoft security package will ensure all health and care organisations can use the most up-to-date software with the latest security settings.

At a local level, individual trusts will have the ability to detect threats, isolate infected machines and kill malicious processes before they are able to spread.