This article is from the source 'bbc' and was first published or seen on . It last changed over 40 days ago and won't be checked again for changes.
You can find the current article at its original source at http://www.bbc.co.uk/news/technology-41753022
The article has changed 5 times.
Version 3 | Version 4 |
---|---|
NHS 'could have prevented' WannaCry ransomware attack | NHS 'could have prevented' WannaCry ransomware attack |
(35 minutes later) | |
NHS trusts were left vulnerable in a major ransomware attack in May because cyber-security recommendations were not followed, a government report has said. | NHS trusts were left vulnerable in a major ransomware attack in May because cyber-security recommendations were not followed, a government report has said. |
More than a third of trusts in England were disrupted by the WannaCry ransomware, according to the National Audit Office (NAO). | More than a third of trusts in England were disrupted by the WannaCry ransomware, according to the National Audit Office (NAO). |
At least 6,900 NHS appointments were cancelled as a result of the attack. | At least 6,900 NHS appointments were cancelled as a result of the attack. |
NHS England said no patient data had been compromised or stolen and praised the staff response. | NHS England said no patient data had been compromised or stolen and praised the staff response. |
The NAO chief said the Department of Health and the NHS must now "get their act together". | The NAO chief said the Department of Health and the NHS must now "get their act together". |
WannaCry, which spread to more than 150 countries in a worldwide ransomware outbreak beginning on 12 May, was the biggest cyber-attack to have hit the NHS to date. | WannaCry, which spread to more than 150 countries in a worldwide ransomware outbreak beginning on 12 May, was the biggest cyber-attack to have hit the NHS to date. |
The malware encrypted data on infected computers and demanded a ransom roughly equivalent to £230 ($300). | The malware encrypted data on infected computers and demanded a ransom roughly equivalent to £230 ($300). |
The NAO report said there was no evidence that any NHS organisation paid the ransom - but the financial cost of the incident remained unknown. | The NAO report said there was no evidence that any NHS organisation paid the ransom - but the financial cost of the incident remained unknown. |
An assessment of 88 out of 236 trusts by NHS Digital before the attack found that none passed the required cyber-security standards. | An assessment of 88 out of 236 trusts by NHS Digital before the attack found that none passed the required cyber-security standards. |
The report said NHS trusts had not acted on critical alerts from NHS Digital and a warning from the Department of Health and the Cabinet Office in 2014 to patch or migrate away from vulnerable older software. | The report said NHS trusts had not acted on critical alerts from NHS Digital and a warning from the Department of Health and the Cabinet Office in 2014 to patch or migrate away from vulnerable older software. |
The Department of Health also lacked important information, the report said. | The Department of Health also lacked important information, the report said. |
"Before 12 May 2017, the department had no formal mechanism for assessing whether NHS organisations had complied with its advice and guidance." | "Before 12 May 2017, the department had no formal mechanism for assessing whether NHS organisations had complied with its advice and guidance." |
Organisations could also have better managed their computers' firewalls - but in many cases they did not, it said. | Organisations could also have better managed their computers' firewalls - but in many cases they did not, it said. |
NHS organisations have not reported any cases of harm to patients or of their data being stolen as a result of WannaCry. | NHS organisations have not reported any cases of harm to patients or of their data being stolen as a result of WannaCry. |
NHS England has identified 6,912 appointments - including operations - that were cancelled as a direct result of the ransomware. | NHS England has identified 6,912 appointments - including operations - that were cancelled as a direct result of the ransomware. |
But it estimated that about 19,000 appointments in total may have been affected. | But it estimated that about 19,000 appointments in total may have been affected. |
Cases included at least 139 people potentially with cancer, who had urgent referrals cancelled. | Cases included at least 139 people potentially with cancer, who had urgent referrals cancelled. |
It is not known: | It is not known: |
The NAO credits the widely reported work of cyber-security researcher Marcus Hutchins, who accidentally helped to stop the spread of WannaCry. | The NAO credits the widely reported work of cyber-security researcher Marcus Hutchins, who accidentally helped to stop the spread of WannaCry. |
His "kill switch" involved registering a domain name linked to the malware, which deactivated the program's ability to spread automatically. | His "kill switch" involved registering a domain name linked to the malware, which deactivated the program's ability to spread automatically. |
Home Office Minister Ben Wallace told BBC Radio 4's Today programme that the government was "as sure as possible" that North Korea was behind the attack. | Home Office Minister Ben Wallace told BBC Radio 4's Today programme that the government was "as sure as possible" that North Korea was behind the attack. |
"This attack, we believe quite strongly that it came from a foreign state," he said. | "This attack, we believe quite strongly that it came from a foreign state," he said. |
"It is widely believed in the community and across a number of countries that North Korea [took on] this role". | "It is widely believed in the community and across a number of countries that North Korea [took on] this role". |
Speaking on the same programme, former chairman of NHS Digital, Kingsley Manning, said that a failure to upgrade old computer systems at a local level within the NHS had contributed to the rapid spread of the malware. | Speaking on the same programme, former chairman of NHS Digital, Kingsley Manning, said that a failure to upgrade old computer systems at a local level within the NHS had contributed to the rapid spread of the malware. |
He said: "The problem with cyber security for the NHS is [that] it has a particular vulnerability... It's very interconnected so if you get an attack in one place it tends to spread." | He said: "The problem with cyber security for the NHS is [that] it has a particular vulnerability... It's very interconnected so if you get an attack in one place it tends to spread." |
Mr Manning blamed a lack of time and resources but also "frankly a lack of focus, a lack of taking it seriously" for individual NHS organisations' failure to keep up with cyber-security improvements. | Mr Manning blamed a lack of time and resources but also "frankly a lack of focus, a lack of taking it seriously" for individual NHS organisations' failure to keep up with cyber-security improvements. |
"This was an extremely unsophisticated attack," he added. | "This was an extremely unsophisticated attack," he added. |
The NAO said the NHS "has accepted that there are lessons to learn" from WannaCry and will now develop a response plan. | The NAO said the NHS "has accepted that there are lessons to learn" from WannaCry and will now develop a response plan. |
It will also ensure that critical cyber-security updates - such as applying software patches - are carried out by IT staff, the NAO said. | It will also ensure that critical cyber-security updates - such as applying software patches - are carried out by IT staff, the NAO said. |
WannaCry was "a relatively unsophisticated attack and could have been prevented by the NHS following basic IT security best practice," said Sir Amyas Morse, comptroller and auditor-general of the NAO. | WannaCry was "a relatively unsophisticated attack and could have been prevented by the NHS following basic IT security best practice," said Sir Amyas Morse, comptroller and auditor-general of the NAO. |
"There are more sophisticated cyber-threats out there than WannaCry so the Department and the NHS need to get their act together to ensure the NHS is better protected against future attacks." | "There are more sophisticated cyber-threats out there than WannaCry so the Department and the NHS need to get their act together to ensure the NHS is better protected against future attacks." |
Keith McNeil, NHS chief clinical information officer for health and care, said: "As the NAO report makes clear, no harm was caused to patients and there were no incidents of patient data being compromised or stolen. | |
"Tried and tested emergency plans were activated quickly and our hard-working NHS staff went the extra mile to provide patient care, keeping the impact on NHS services and patients to a minimum." | "Tried and tested emergency plans were activated quickly and our hard-working NHS staff went the extra mile to provide patient care, keeping the impact on NHS services and patients to a minimum." |
Analysis - by Rory Cellan-Jones, technology correspondent | Analysis - by Rory Cellan-Jones, technology correspondent |
For many executives, a serious cyber-attack is now very high on their list of risks to their organisations and a priority for disaster planning. | For many executives, a serious cyber-attack is now very high on their list of risks to their organisations and a priority for disaster planning. |
So what is most shocking in this report is the lack of planning at a local level in the NHS for such an event. | So what is most shocking in this report is the lack of planning at a local level in the NHS for such an event. |
To be fair, the Department of Health had developed a plan - it was just that it had not been properly communicated or tested in the NHS trusts. When disaster struck, nobody seemed to know who was in charge or what to do. | To be fair, the Department of Health had developed a plan - it was just that it had not been properly communicated or tested in the NHS trusts. When disaster struck, nobody seemed to know who was in charge or what to do. |
Of course, all of this could have been avoided if security patches had been applied to protect the Windows 7 systems common throughout the NHS. Once again, there had been warnings sent out by NHS Digital, but many trusts failed to act upon them - though in that they were no different from many organisations around the world that were also hit. | Of course, all of this could have been avoided if security patches had been applied to protect the Windows 7 systems common throughout the NHS. Once again, there had been warnings sent out by NHS Digital, but many trusts failed to act upon them - though in that they were no different from many organisations around the world that were also hit. |
In one way, the NHS was lucky - if, instead of a Friday in May, the attack had taken place on a Monday in winter, with a week's appointments affected, the damage would have been far worse. | In one way, the NHS was lucky - if, instead of a Friday in May, the attack had taken place on a Monday in winter, with a week's appointments affected, the damage would have been far worse. |
Cyber-security experts will tell you that dealing with attacks like these is mostly a management rather than a technology problem. And in this case the NHS proved itself incapable of managing a speedy and effective response to its first major cyber-security crisis. | Cyber-security experts will tell you that dealing with attacks like these is mostly a management rather than a technology problem. And in this case the NHS proved itself incapable of managing a speedy and effective response to its first major cyber-security crisis. |