In May 2017, the NHS was hit by one of the most disruptive ransomware attacks in history. Computers in hospitals and healthcare centres across the country were locked down by WannaCry ransomware, throwing the National Health Service into chaos. The attack had a far-reaching impact, with operations cancelled, ambulances diverted, and patient records inaccessible. It was the moment that brought ransomware into the spotlight for the UK, revealing vulnerabilities not only in the NHS but across many organisations.
In this article, I reflect on the significance and impact of this attack and how our awareness and approaches in the UK have changed since 2017.
The reason the NHS was hit particularly hard boiled down to a lot of outdated and unpatched software. At the time of the attack, many NHS computers were still running old versions of Microsoft Windows, some more than 15 years old. These systems hadn’t been updated in years and were no longer supported by Microsoft, meaning they weren’t receiving the security patches needed to fend off cyber threats like WannaCry.
The WannaCry ransomware exploited a known vulnerability in older versions of Windows, using a technique believed to have been developed by the U.S. National Security Agency (NSA) and subsequently leaked. Like many organisations, the NHS was using outdated software that hadn't been patched, so when the ransomware struck, it spread rapidly.
Before the WannaCry attack, many people in the UK, especially those outside of the tech world, had little knowledge of what ransomware even was. Cybersecurity was often seen as something that affected banks, tech firms, or large corporations, but not public services like healthcare.
WannaCry changed that overnight.
Suddenly, the public saw firsthand how a cyberattack could impact real lives. Hospital operations were delayed or cancelled, critical patient data was locked, and the ability to provide care was severely hampered. For the first time, people began to realise that ransomware wasn’t just a problem for big business; it was a problem that could affect anyone, including vital public services.
The attack also revealed something shocking: many organisations, including the NHS, were operating on outdated, unsupported technology. The attack shone a harsh light on the need for modernisation in the public sector, where outdated IT systems were putting essential services at risk.
In the aftermath of the attack, it was clear that changes had to be made. The government, the NHS, and businesses across the UK started to take cybersecurity much more seriously. Here are some of the key lessons learned:
WannaCry was a pivotal moment for the UK, one that forced organisations to take a hard look at their cybersecurity strategies. While no system is ever completely immune to cyber threats, the attack led to significant improvements in how both public and private sector organisations protect their data and systems. The government has since launched the National Cyber Security Centre (NCSC) to provide guidance and support, helping organisations improve their cybersecurity resilience.
That said, ransomware remains a serious threat. Cybercriminals are always evolving their tactics, and organisations must remain vigilant. But one thing is clear: the WannaCry attack served as a much-needed wake-up call, and the lessons learned from it have paved the way for a more secure future.
As the world becomes more reliant on technology, the need for strong cybersecurity practices has never been more important. The lessons from the WannaCry attack remind us all that in today’s digital age, keeping systems secure isn’t always just about protecting data; it can be about protecting lives.
At Brigantia, we are continually looking at how the channel can keep businesses and organisations protected to the highest level. If you’d like to find out more, please get in touch.