In their October 2018 publication on ‘Securing cyber resilience in health and care: a progress update’, the Department of Health and Social Care estimated the cost of WannaCry to the NHS as £92 million.

The DHSC used a variety of factors (average number of NHS trusts involved) and categories (direct and resource) to estimate the financial impact on the NHS, but the estimate does not consider organisations outside the health and care sector that were also impacted.

The DHSC report is available here.

David Lidington, Minister of State for Cabinet Office, said:

“Since the 2017 WannaCry cyber incident, a number of steps have been taken to sharpen incident response plans across the NHS, providing new and mandatory training on cyber security to all NHS personnel and increasing investment in local infrastructure to develop a more robust cyber security posture.”

The DHSC say in the report that they have:

• increased our investment in securing local infrastructure in 2017/18 to over £60 million;
• signed a Windows 10 licensing agreement with Microsoft which will allow local NHS organisations to save money, reduce potential vulnerabilities and increase cyber resilience;
• agreed £150 million of investment over the next three years;
• procured a new Cyber Security Operations Centre boosting the national capability to prevent, detect and respond to cyber attacks;
• launched the Data Security and Protection Toolkit;
• agreed our plans to implement the recommendations of the Chief Information Officer for Health and Care’s review of the May 2017 WannaCry attack;
• supported 25 local NHS organisations to improve their cyber resilience via the NHS Digital “Blue Teams” pilot.

Steve Taylor

Note no figures for the Microsoft deal.

farouk

I remember this, and as somebody who takes computer security very seriously, I am surprised this little snippet wasn’t mentioned in the above article:
NHS ‘could have prevented’ WannaCry ransomware attack
NHS trusts were left vulnerable in a major ransomware attack in May because cyber-security recommendations were not followed, a government report has said… The report said NHS trusts had not acted on critical alerts from NHS Digital and a warning from the Department of Health and the Cabinet Office in 2014 to patch or migrate away from vulnerable older software.
https://www.bbc.co.uk/news/technology-41753022

The British penchant of pound foolish, penny shy strikes again.

Jonathan

Yes, but they got away with it for about 4 years, and when you are talking the scale of the NHS I suspect the cost of the full implementation of all measures suggested in 2014 probably cost way more than 94 million. Look at the shopping list of cyber security increases in the article and you’re talking over 100 million a year extra. To put it in context, that’s 25 thousand knee and hip replacements. The NHS always has to look at any non-healthcare spend very carefully as we don’t actually pay for the demand out there so any money…

maurice10

If you want to kill innocent people without firing a shot, here is a good example. In plain language, this is a new weapon and someone is using it very intelligently? We must now place these attacks under the military umbrella and treat such actions as hostile. If this activity goes unchecked these devices could have a dramatic effect on all our lives.

Julian

The NHS one isn’t a good example because it wasn’t a targeted attack against the NHS. The last I heard, the conclusion of the investigation was that it was criminal elements trying to scam anyone they could, and the scam spread far more widely than they had expected, ironically to their detriment because the huge media profile and government interest meant that things got so hot that they didn’t dare access the accounts set up to receive ransom payments. Renault, Deutsche Bahn, Telefonica, FedEx US & the Russian Ministry of the Interior were other high profile victims of the same…

john martin

My granddaughter works for the NHS and she said no one in her office of 20 plus had a clue or even knew what to do.

Mdpepa

This incident was significantly different, as the infection spread using CIA tools.

Typically just turn it off, wait for IT. Or if home, turn off and boot into safe mode, get an antivirus recovery disk, and hope that you backed up all your valued items.