North Korea behind 'WannaCry' cyberattack on British hospitals - security minister

Critical Labour MP Meg Hillier

Basic security ‘would have stopped NHS cyber attack’ by David Wilcock Published

The National Audit Office said a cyber-attack which crippled a third of NHS hospitals in May could have easily been prevented.

Security minister Ben Wallace appeared on BBC Radio4's flagship Today programme on Friday morning to blame North Korea for the infamous ransomware attack that disrupted the operation of one in three NHS Trusts in England as well as numerous other organisations worldwide.

"There are more sophisticated cyber threats out there than WannaCry, so the Department (of Health) and the NHS need to get their act together to ensure the NHS is better protected against future attacks", he said.

Concerning, the report indicates that no NHS trusts acted on critical alerts issued from NHS Digital to patch or migrate away from vulnerable older software.

"[WannaCry] was a relatively unsophisticated attack and could have been prevented by the NHS following basic IT security best practice", NAO chief Amyas Morse said in the statement.

England beat Brazil to reach Under-17 World Cup final
The Liverpool starlet was lethal in front of goal helping the Young Lions to the showpiece event. But England's superb midfield organisation and lethal attack force outclassed Brazil.

NHS organisations have not reported any cases of harm to patients or of their data being stolen as a result of WannaCry.

The DoH also did not formally respond to warnings about NHS cyber-attacks -made a year prior to the WannaCry event - until July this year. NHS England identified 6,912 appointments had been cancelled, and estimated over 19,000 appointments would have been cancelled in total.

According to NHS Digital, the attack could have been prevented by installing security patches and correctly implementing firewalls on outdated and unsupported NHS computers. Equally, we need to think carefully about how effective the NHS is, if the Department of Health and bodies like NHS Digital have little central control or insight.

According to PharmaPhorum, no formal Department of Health (the government health ministry that oversees the health service) process was in place to assess whether NHS organisations had heeded the advice.

For many executives, a serious cyber-attack is now very high on their list of risks to their organisations and a priority for disaster planning.

Egypt: 55 policemen killed in gunbattle with militants
Egypt has been under a state of emergency since April when a twin church attack killed scores. The Muslim Brotherhood has denied any involvement in violent attacks against security forces.

Between May 12 and May 18, the NAO said, NHS England collected some information on cancelled appointments, to help it manage the incident, but this did not include all types of appointment.

To be fair, the Department of Health had developed a plan - it was just that it had not been properly communicated or tested in the NHS trusts.

Meanwhile IT systems at the Cumberland Infirmary were also hit.

As the NHS had not rehearsed for a national cyber attack it was not immediately clear who should lead the response and there were problems with communications.

The NAO said the NHS "has accepted that there are lessons to learn" from WannaCry and will now develop a response plan.

Bloodhound preps for land speed record with 200MPH test run
The Bloodhound SSC auto is a feast of engineering knowhow, blending technology from F1 cars, fighter jets and even spaceships. Green set the record at 1227,98 km/h 20 years ago. "I'm designed for supersonic speed but this I can do easily".

In response to the attack, NHS England and NHS Improvement - responsible for overseeing foundation trusts and NHS trusts - have written to every major health body in the United Kingdom asking for them to address NHS Digital warnings made between March and May of 2017.

Latest News