A global ransomware phenomenon, WannaCry, targeted the NHS systems in May last year, resulting into a major healthcare disruption in the UK. Some accounts suggest that nearly 20,000 medical appointments were cancelled following the attack.
The public Accounts Committee consisting of several MPs was formed after the attack to monitor how the pertinent departments were dealing with the attack by employing ransomware decrypts and by taking up necessary measures to upgrade the cyber security. Nearly one year after the attack, the committee is not satisfied with the efforts of the Department of Health and Social Care (DHSC) and NHS.
After analyzing the attack and its fallout, DHSC and NHS jointly came up with a report of 22 recommendations to streamline the cyber security of nationwide health services. However, none of these recommendations have been implemented so far and MPs are criticizing the concerned authorities for their lackadaisical approach.
For instance, the DHSC hasn’t estimated the expenses that are required to implement these propositions and neither do they know how to execute them. The committee members reminded the DHSC and NHS that they were lucky because ransomware decrypt activities were commenced as soon as the attack happened. Otherwise the extent of damage could be far worse.
It is important to note that nearly one-third of NHS trusts were targeted by WannaCry ransomware. Moreover, more than 600 organizations affiliated with NHS also got affected by the cryptographic infection in some way. So, one could imagine what calamity the Britain’s healthcare system had to endure, if swift ransomware decryption measures weren’t taken.
Right after the ransomware attack, The DHSC was also criticized because of their extreme lack of preparedness against cyber attacks. Meg Hillier, the MP who is heading the committee, says that various vulnerabilities in the digital systems of NHS were revealed after the attack. She has emphasized on the need to implement the proposed recommendations as soon as possible to protect patients from the impact of cyber shenanigans.
The DHSC maintains that they have implemented many cyber security measures, but also admits there is still a lot to do. As of now, £60 million have been spent on modernizing the digital security of NHS and other related bodies.
