NHS is still assessing the cost of WannaCry one year later

The UK’s Department of Health and Social Care provided an update on the efforts to secure the NHS IT infrastructure, with a focus on WannaCry overall costs.

The UK’s Department of Health and Social Care provided an update on the spent to secure the IT infrastructure in a report titled “Securing cyber resilience in
health and care“. One year later the massive WannaCry ransomware attack the NHS is still facing problems caused by the infections.

NHS WannaCrypt ransomware

WannaCry cost the NHS £92m, giving a look at the expense details we can observe item of £19m for lost output and an estimate of £73m of IT cost to fix affected assets.

According to the report, the attack directly impacted over 19,000 patients whose appointments were canceled due to the attack.

The estimate in the report considers the financial costs in  two time periods:

  • during the attack between 12 and 18 May 2017;
  • during the recovery period in the immediate aftermath to June-July 2017;

The analysis focus on two categories of cost are:

  1. Direct impact – lost output of patient care caused by reduced access to information and systems required for care leading to cancelled appointments etc.
  2. Additional IT support provided by NHS organisations or IT consultants to restore data and systems affected by the attack.

“The WannaCry attack disrupted services across one-third of hospital trusts and around 8% of GP practices. This had a knock-on impact on patients with over 19,000 appointments cancelled.” reads the report.

“While this may only be a small proportion of overall NHS activity, it represents disruption to the care of a significant number of patients.”

The attack highlighted the inefficiency of the antiquated NHS IT systems, Microsoft was charged to update the entire infrastructure with a three-year deal of £150m deal.

The report includes a case study related a “large NHS mental health trust” that was protected with Advanced Threat Protection that allowed to repeal a phishing email attack with a weaponized excel spreadsheet attachment.

IBM was also hired by the NHS to deliver the new Cyber Security Operations Centre (CSOC) aimed at increasing the capability to monitor, detect and respond to
a variety of security risks and threats across the organization.

NHS signed a three-year strategic partnership with IBM (£30m) to improve NHS Digital’s Cyber Security Operations Centre (CSOC)

The goal is the compliance with the Cyber Essentials Plus standard in June 2021, as recommended in February’s lessons-learned report.

Currently, only 10 sites will “aim” to reach this goal next March.



Pierluigi Paganini

(Security Affairs – WannaCry, hacking)


The post NHS is still assessing the cost of WannaCry one year later appeared first on Security Affairs.

Leave a Reply