Last year, the NHS fell victim to a global ransomware attack which led to the cancellation of nearly 20,000 hospital appointments. However, since the attack, both the government and NHS bodies have allegedly failed to implement measures to adequately protect against future attacks.
The findings, which were published by the Commons Public Accounts Committee, found that all 200 hospitals and other NHS organisations, that have been tested so far, have failed cybersecurity checks.
In addition to this, the Public Accounts Committee has warned that the Government has still not identified the full financial cost of the shutdown or the extent of vulnerabilities and challenges in upgrading out-of-date equipment. Health leaders claim that this makes it impossible for NHS bosses to prioritise security improvements.
UKIP’s Health Spokesperson, Dr Julia Reid MEP, said: “It’s evident from the report, that both the Department of Health and Social Care (DHSC) and NHS bodies had not been prepared for the devasting cyber-attack that happened last summer.”
“However, what’s even more concerning, is that nothing seems to have been learned from this. Apparently, some hospitals still haven’t even patched the original vulnerability that led to last year’s cyber-attack.
“Let’s also not forget the fact that last year would have been a whole lot worse had it not been for computer-expert, Marcus Hutchins, who helped stop the cyber-attack. However, we can’t always rely on good Samaritans to come save the day – next time we might not be so lucky!
Dr Reid added: “In addition to patching the current vulnerabilities [that allowed the WannaCry ransomware to wreak havoc] and improving cybersecurity, we should also look to explore new ways in which health professionals can share a patient’s data more securely, going forward. Many hospitals across the globe are looking at utilizing blockchain technology – which is known for being highly secure, immutable and lightning fast. Perhaps this is something the NHS bodies should look into as well? At the end of the day, they have a duty to ensure that patient information remains confidential, and blockchain technology could certainly help make this easier for them”.
A Department of Health and Social Care spokesperson said: “We have supported [cybersecurity] work by investing over £60 million to address key weaknesses and plan to spend a further £150 million over the next two years.”
The ransomware attack, known as WannaCry, affected more than 200,000 computers in at least 100 countries and those affected by the attack faced a ransom demand to unlock their devices. The NHS was particularly affected, with over a third of NHS trusts suffering disruption.