[0:12] Day to day my job as head of resilience and patient flow is to prepare our organisation to face those threats and incidents which might challenge the services. So, about lunchtime on the Friday we became alerted to what we then suspected and subsequently did know was a cyberattack attacking the networks. At that point we didn’t know that was called WannaCry. However our IT teams were confident that it definitely was a cybersecurity attack and therefore we needed to implement measures to protect the IT infrastructure in the organisation. In terms of precursor signs there were none. We have routine firewall systems that are looking for signs of attack. Our IT systems constantly monitor the health of the network.
[0:51] But in terms of this particular circumstance the first thing we knew was that it happened. And that was the nature of what we were facing was a day zero attack that we couldn’t have foreseen but was very rapidly developing and requiring us to respond. And if I use the analogy of the flu vaccine we try to prepare a vaccine every year that we think are the types of strains that might happen that year and quite often we’re successful. In this particular case the level of protection wrapping around our IT system was not prepared because nobody had ever seen it before.
[1:21] The key impacts that we faced at the time and like many other NHS organisations is that technology is becoming more and more prevalent through the delivery of healthcare. Everything from the front door when you check into the hospital through to your x-rays, your bloods, your notes, your pharmacy records; everything is electronic. Take that away from the care organisation and you are faced with a very difficult situation and potentially that has a serious consequence on the care that we can deliver to those patients.
[1:48] Inside the hospital electronic patient records become invisible and therefore being able to know what care we have to give you are defaulting to paper systems which people aren’t familiar with because on a day-by-day basis that’s not their routine. Nevertheless no patient came to any harm. We seamlessly transitioned from electronic to paper. We quickly set up IT teams to respond internally and no patient ever saw a difference in the level of care that they received for the duration of the incident.
Public sector case study: UK NHS WannaCry cyber-attack
We will now explore an example of how incidents are responded to by a public sector organisation.
Watch the video in which Stuart Hosking-Durn, the head of resilience and patient flow with the Morecambe Bay Trust (an NHS provider), describes the response to the WannaCry cyber-attack that affected IT systems in the spring of 2017.
WannaCry was a ransomware cryptoworm targeting computers running Microsoft Windows. The worm encrypted affected disks, making the data on them inaccessible, and then demanded ransom payments in the Bitcoin cryptocurrency.
The Morecambe Bay NHS Trust had a business continuity management system in place, but it was still affected by the WannaCry attack.
Discuss how you think the system allowed them to ensure that no patient was affected, despite the unforeseen attack.