In wake of WannaCry, NHS assessed 200 facilities on cybersecurity preparedness — None passed

The Public Accounts Committee of the U.K. Parliament released an update on the U.K. National Health Service's cybersecurity preparedness in a March 18 report.

The report was commissioned following the worldwide ransomware attack WannaCry, which infected 200,000-plus computers in more than 150 countries in May 2017.

NHS represented one of WannaCry's most prominent victims, as the ransomware affected more than one-third of NHS trusts. As a result of the ransomware attack, NHS canceled almost 20,000 appointments and diverted patients from five of its accident and emergency departments.

The U.K. Public Accounts Committee's report, which refers to WannCry as a "wake-up call for the NHS," outlines how the ransomware attack affected NHS facilities, those facilities' readiness for future cyberattacks and overarching cybersecurity preparedness lessons for other government agencies to consider.

The report notes prior to WannaCry, many NHS facilities were "unprepared for the relatively unsophisticated WannaCry attack." These facilities had not shared and tested response plans, and NHS personnel did not have established practices to communicate with one another as the attack unfolded.

NHS England told the U.K. Public Accounts Committee it has gained better visibility into NHS trusts' cybersecurity preparedness since WannaCry. However, the report cites recent results from on-site cybersecurity assessments NHS Digital conducted at 200 trusts, in which all trusts failed their cybersecurity assessment.

NHS England attributed some of these failures to the assessments' "high bar." However, the U.K. Public Accounts Committee argued some facilities' shortcomings were due to their failure to patch IT systems.

"Although the [Department of Health and Social Care] and NHS bodies have learned lessons from WannaCry, they have a lot of work to do to improve cybersecurity for when, and not if, there is another attack," the report reads.

To access the U.K. Public Accounts Committee's report, click here.

Copyright © 2024 Becker's Healthcare. All Rights Reserved. Privacy Policy. Cookie Policy. Linking and Reprinting Policy.


Featured Whitepapers

Featured Webinars