Threads / Government Digital Strategy Implementation / In our 2018 report on the WannaCry Cyber-attack on the NHS,…
Committee Material Published 6 Nov 2020 ↗ View on Parliament

In our 2018 report on the WannaCry Cyber-attack on the NHS, we found that the Department and its arm’s-length bodies were unprepared for the relatively unsophisticated WannaCry attack and had a lot of work to do to improve cyber-security for when, and not if, there was another attack.39 We asked how the NHS was ensuring that it had the skills it needed to manage the risks of future cyberattacks, NHS Digital acknowledged that there remained a “significant cyber risk” associated with legacy IT ...

In our 2018 report on the WannaCry Cyber-attack on the NHS, we found that the Department and its arm’s-length bodies were unprepared for the relatively unsophisticated WannaCry attack and had a lot of work to do to improve cyber-security for when, and not if, there was another attack.39 We asked how the NHS was ensuring that it had the skills it needed to manage the risks of future cyberattacks, NHS Digital acknowledged that there remained a “significant cyber risk” associated with legacy IT systems, which were especially vulnerable to cyber-attack.40 It admitted that the NHS “desperately need skills” in cyber security. It told us that it was Type: conclusion | Number: 20 | Response status: not_addressed