UK Edition
WannaCry cyber attack cost the NHS £92m as 19,000 appointments cancelled
A devastating global cyber attack that crippled computers in hospitals across the UK has cost the NHS £92m, a report from the Department of Health has found.
The so-called WannaCry hack, which shut down hundreds of thousands of computers around the world with messages from hackers demanding ransom payments, hit a third of hospital trusts and 8pc of GP practices. Around 1pc of all NHS care was disrupted over the course of a week.
The hack caused more than 19,000 appointments to be cancelled, costing the NHS £20m between 12 May and 19 May and £72m in the subsequent cleanup and upgrades to its IT systems.
The cyber attack caused 200,000 computers to lock out users with red-lettered error messages demanding the cryptocurrency Bitcoin. The attack was blamed on elite North Korean hackers after a year-long investigation.
At the time of the attacks, the NHS was criticised for using outdated IT systems, including Windows XP, a 17 year-old operating system that could be vulnerable to cyber attacks.
In a report from the Department of Health, the Government said it had continued to invest in its cyber security and infrastructure to prevent similar attacks.
The NHS has increased infrastructure investment of £60m this year to the most vulnerable services, such as major trauma centres and ambulance services. The Government said it had committed £150m to upgrading its technology systems over the next three years.
The NHS also this year signed a new deal to upgrade local NHS computers to Microsoft's Windows 10.
The report said: "The results have shown that organisations have made good progress in implementing the data security standards related to people and process, but that those relating to technology continue to be challenging."
The WannaCry cyber attack hit businesses around the world, including Renault and FedEx and crashed thousands of ordinary peoples' computers.
Last month, US prosecutors pinned blame for the attacks on North Korean hackers the Lazarus Group. While the attack didn't specifically target the NHS, it spread over the internet using a leaked hacking tool developed by the US spy agency the NSA.