The wake-up call: How the NHS WannaCry attack changed the UK's approach to ransomware

October 29, 2024 | Cybersecurity
Iain Shaw


In May 2017, the NHS was hit by one of the most disruptive ransomware attacks in history. Computers in hospitals and healthcare centres across the country were locked down by WannaCry ransomware, throwing the National Health Service into chaos. The attack had a far-reaching impact, with operations cancelled, ambulances diverted, and patient records inaccessible. It was the moment that brought ransomware into the spotlight for the UK, revealing vulnerabilities not only in the NHS but across many organisations.

In this article, I reflect on the significance and impact of this attack and how our awareness and approaches in the UK have changed since 2017.

Targeting the NHS

The reason the NHS was hit particularly hard boiled down to a lot of outdated and unpatched software. At the time of the attack, many NHS computers were still running old versions of Microsoft Windows, some more than 15 years old. These systems hadn’t been updated in years and were no longer supported by Microsoft, meaning they weren't receiving the security patches needed to fend off cyber threats like WannaCry.

The WannaCry ransomware exploited a known vulnerability in older versions of Windows, using a technique believed to have been developed by the U.S. National Security Agency (NSA) and subsequently leaked. Like many organisations, the NHS was using outdated software that hadn't been patched, so when the ransomware struck, it spread rapidly.

How the WannaCry attack changed awareness of ransomware

Before the WannaCry attack, many people in the UK, especially those outside of the tech world, had little knowledge of what ransomware even was. Cybersecurity was often seen as something that affected banks, tech firms, or large corporations, but not public services like healthcare.

WannaCry changed that overnight.

Suddenly, the public saw firsthand how a cyberattack could impact real lives. Hospital operations were delayed or cancelled, critical patient data was locked, and the ability to provide care was severely hampered. For the first time, people began to realise that ransomware wasn’t just a problem for big business; it was a problem that could affect anyone, including vital public services.

The attack also revealed something shocking: many organisations, including the NHS, were operating on outdated, unsupported technology. The attack shone a harsh light on the need for modernisation in the public sector, where outdated IT systems were putting essential services at risk.

The impact of the WannaCry attack

In the aftermath of the attack, it was clear that changes had to be made. The government, the NHS, and businesses across the UK started to take cybersecurity much more seriously. Here are some of the key lessons learned:

  • Keep software updated: Perhaps the biggest lesson from WannaCry was the importance of keeping software up to date. Since the NHS WannaCry attack, there has been a push for organisations to regularly update their systems and apply security patches as soon as they’re available.
  • Improve cyber hygiene: Organisations learned that basic cybersecurity practices, often referred to as cyber hygiene, are crucial. This includes things like regularly updating software, using strong passwords, and ensuring that employees get ongoing cybersecurity training.
  • Backup data: Another critical lesson was the importance of backing up data. Ransomware works by locking down data and demanding a ransom to release it. If an organisation has frequent, regular backups, they can restore their systems should something like this happen.
  • Invest in cybersecurity: Possibly the most important lesson of all was that the attack highlighted the need for proper investment in cybersecurity.

WannaCry was a pivotal moment for the UK, one that forced organisations to take a hard look at their cybersecurity strategies. While no system is ever completely immune to cyber threats, the attack led to significant improvements in how both public and private sector organisations protect their data and systems. The government has since launched the National Cyber Security Centre (NCSC) to provide guidance and support, helping organisations improve their cybersecurity resilience.

That said, ransomware remains a serious threat. Cybercriminals are always evolving their tactics, and organisations must remain vigilant. But one thing is clear: the WannaCry attack served as a much-needed wake-up call, and the lessons learned from it have paved the way for a more secure future.

Lessons learned

As the world becomes more reliant on technology, the need for strong cybersecurity practices has never been more important. The lessons from the WannaCry attack remind us all that in today’s digital age, keeping systems secure isn’t always just about protecting data; it can be about protecting lives.

At Brigantia, we are continually looking at how the channel can keep businesses and organisations protected to the highest level. If you’d like to find out more, please get in touch.
