Add to favourites
News Local and Global in your language
18th of November 2018

Internet



WannaCry attack cost the NHS £92m

We now know how much last year’s WannaCry ransomware attack had cost the NHS, and it’s £92m. The news was revealed by the Department of Health and Social Care this Thursday, albeit tentatively, saying these are just estimates. Knowing the exact cost would "impose a disproportionate financial burden on the system".

With reduced access to information, the NHS has had a lower output of patient care, costing the organisation some £19m in the seven days following the attack.

Then there was the bill for roughly £500,000, for IT support during the attack, as well as the £72m for the two months in the aftermath of the attack.

WannaCry was a ransomware attack which occurred last year in May, and targeted computers and networks all over the world. The NHS was affected, resulting in the cancellation of thousands of appointments.

The attack encrypted information on infected computers, and the victims were asked to pay ransom in cryptocurrency in order to get their data back.

The public accounts committee described the attack as “relatively unsophisticated”.

The committee said: "We recognise that at the time of the attack the focus would have been on patient care rather than working out what WannaCry was costing the NHS. However, an understanding of the financial impact on the NHS is also important to assess the seriousness of the attack and likely to be relevant to informing future investment decisions in cyber security."

“Ransomware is still a very potent threat to organisations of all sizes and phishing has been a very viable delivery mechanism for ransomware attacks," said Mollie MacDougall, threat intelligence manager at Cofense. 

"The NHS has increased infrastructure investment to £60m this year, but if that investment is focused solely on technology solutions, regular back-ups, anti-virus software and wider security technology, it will not be enough – as many phishing emails have the ability to bypass these technologies and land in a user’s inbox. By training and conditioning employees to recognise and report suspicious emails, organisations have a much better chance of stopping active attacks in progress instead of relying on technology alone to do so.

“The healthcare industry is at high risk for cyberthreats and especially ransomware attacks, as interrupted access to their systems can have dangerous and even life-threatening consequences for patients."

Image Credit: Marbury / Shutterstock

Read More




Leave A Comment

More News

TechRadar: Internet news

Latest ITProPortal news

Nouvelles Internet

Dev Pro

TechCrunch » Enterprise

Next INpact – Actualités

PressMyWeb | digital et

Disclaimer and Notice:WorldProNews.com is not the owner of these news or any information published on this site.