

Report following WannaCry & NHS ‘attack’

Sharing the post “10 Lessons from the report on the NHS Wannacry cyber attack” by Charlie Maclean-Bristol, Training Director, FBCI, FEPS. Charlie has distilled 10 lessons from the UK National Audit Office investigation into the “WannaCry cyber attack and the NHS”, published this week, which are:

1) Are you sure that your IT department has the skills, money, expertise, knowledge and leadership to ensure that your organisation is not vulnerable to an attack?
2) Unless your systems are patched and up-to-date, you are vulnerable to an attack. This is basic IT management!
3) 44 organisations reported disruptions, although they were not affected by WannaCry, because they shut down emails and other systems as a precaution. In this incident, more organisations were impacted by closing down and isolating their systems, compared to those actually affected by the virus.
4) Even if the attack didn’t have a direct impact on people’s lives, the indirect impacts were still huge. It was estimated in the report that 19,494 operations were cancelled.
5) “Plans had not been tested at a local level and it was not clear who should lead the response”. Exercising your cyber plan is essential to ensure that everyone is aware of their roles and responsibilities.
6) The response was made more difficult, as the main communications channel was shut down or affected by the virus.
7) There was no clarity about who the incident should be reported to.
8) The mitigation is very simple: are you doing the basics to protect your organisation?
9) Costs can be huge in response to a major breach and, according to the Financial Times, the cost of the Moller-Maersk cyber incident was $300m.
10) NHS England had identified 1,222 pieces of equipment which had been affected by the ransomware; this was 1% of all their equipment. Some of them had Windows XP embedded within the piece of equipment as their operating system. As the internet of things becomes wider, are you aware of the operating systems used by equipment and how to patch and update the software?

