Skip main navigation

Public sector case study: UK NHS WannaCry cyber-attack

to come
Day to day my job as head of resilience and patient flow is to prepare our organisation to face those threats and incidents which might challenge the services So, about lunchtime on the Friday we became alerted to what we then suspected and subsequently did know was a cyberattack attacking the networks. At that point we didn’t know that was called WannaCry. However our IT teams were confident that it definitely was a cybersecurity attack and therefore we needed to implement measures to protect the IT infrastructure in the organisation. In terms of precursor signs there were none. We have routine firewall systems that are looking for signs of attack. Our IT systems constantly monitor the health of the network.
But in terms of this particular circumstance the first thing we knew was that it happened. And that was the nature of what we were facing was a day zero attack that we couldn’t have foreseen but was very rapidly developing and requiring us to respond. And if I use the analogy of the flu vaccine we try to prepare a vaccine every year that we think are the types of strains that might happen that year and quite often we’re successful. In this particular case the level of protection wrapping around our IT system was not prepared because nobody had ever seen it before.
The key impacts that we faced at the time and like many other NHS organisations is that technology is becoming more and more prevalent through the delivery of healthcare. Everything from the front door when you check into the hospital through to your x-rays, your bloods, your notes, your pharmacy records; everything is electronic. Take that away from the care organisation and you are faced with a very difficult situation and potentially that has a serious consequence on the care that we can deliver to those patients.
Inside the hospital electronic patient records become invisible and therefore being able to know what care we have to give you are defaulting to paper systems which people aren’t familiar with because on a day-by-day basis that’s not their routine. Nevertheless no patient came to any harm. We seamlessly transitioned from electronic to paper. We quickly set up IT teams to respond internally and no patient ever saw a difference in the level of care that they received for the duration of the incident.
We will now explore an example of how incidents are responded to by a public sector organisation.
Watch the video in which Stuart Hosking-Durn, the head of resilience and patient flow with the Morecambe Bay Trust (a NHS provider), describes the response to the WannaCry cyber-attack that affected IT systems in the spring of 2017.
WannaCry was a ransomware cryptoworm, targeting computers running Microsoft Windows. The worm encrypted affected disks, making data unobtainable and then demanded ransom payments that were to be paid using the Bitcoin cryptocurrency.

Your task

The Morecambe Bay NHS Trust had a business continuity management system in place but they were still affected by the WannaCry attack.
Discuss how you think the system allowed them to ensure that no patient was affected, despite the unforeseen attack.
This article is from the free online

Business Continuity Management and Crisis Management: An Introduction

Created by
FutureLearn - Learning For Life

Our purpose is to transform access to education.

We offer a diverse selection of courses from leading universities and cultural institutions from around the world. These are delivered one step at a time, and are accessible on mobile, tablet and desktop, so you can fit learning around your life.

We believe learning should be an enjoyable, social experience, so our courses offer the opportunity to discuss what you’re learning with others as you go, helping you make fresh discoveries and form new ideas.
You can unlock new opportunities with unlimited access to hundreds of online short courses for a year by subscribing to our Unlimited package. Build your knowledge with top universities and organisations.

Learn more about how FutureLearn is transforming access to education