TLP White

Today we are digging into WannaCry and the [grim] Reaper. Enjoy, Hacking Healthcare:

Hot Links –

  1. After-action on NHS WannaCry – The UK’s National Audit Office just concluded a review of NHS preparedness and response to WannaCry. The report finds no negative impacts on patient health and safety – some trusts had to reschedule appointments, 5 had to divert emergency visits to other hospitals, and a few trusts were able to continue receiving patients despite the impact of the incident knocking some systems offline.

NHS trusts were vulnerable to the attack due to poor patch management in Windows 7 systems and use of devices running XP. Unsurprisingly, those trusts that had absorbed the operations of other hospitals through mergers struggled with integrating patch management.

The government’s NHS Digital team had conducted on-site inspections ahead of the attack (88 of 236 trusts had been inspected; none passed). In the inspections, NHS found that most hospitals had “not identified cybersecurity as a risk to patient outcomes, and had tended to overestimate their readiness to manage a cyber attack.”

The report also finds that there was not an effective system for NHS trusts to report the attack and its impact to the government. Despite NHS developing national incident response plans, they had never been tested at a local level.

As a reminder, this is the public version of the Hacking Healthcare newsletter. For additional in-depth analysis and opinion, become a member of H-ISAC.