An investigation into the 2017 WannaCry outbreak found that the ransomware affected 34% of National Health Service (NHS) trusts in England.

Following the May 2017 attack that struck more than 200,000 organizations in at least 100 countries, the UK government’s National Audit Office (NAO) launched an inquiry into the matter. Its purpose was to determine what effect WannaCry had on the NHS. The parliamentary body was especially interested in learning how the ransomware had affected patients’ data as well as how the Department of Health and the NHS national bodies had responded to the attack.

The investigation, which covered the events immediately before the attack and through the end of September, found that WannaCry was the largest digital attack ever to strike the NHS. 81 of the 236 trusts in England suffered disruption as a result of the outbreak. 603 primary care and other NHS organizations, including 595 GP practices, also reported infections.

Investigation: WannaCry cyber attack and the NHS page 17

Here are a few additional findings from the investigation:

  • NHS entities canceled 6,912 appointments as a result of the attack.
  • None of the victimized organizations subsequently paid the ransom demanded by the attackers.
  • The Department of Health does know the true cost of the disruption to NHS services, a figure which would include canceled appointments, IT support, and data recovery procedures.

Those involved with the investigation learned that the Department of Health had received warning in July 2016 that an attack against the NHS could compromise patient data. The DHS eventually released a formal response to that warning in July 2017. But at the time of the attack, the body had no formal mechanism to determine whether local organizations had robust plans to defend against digital threats.

Amyas Morse, head of the National Audit Office, hopes these findings lead (Read more...)