IT Pro is supported by its audience. When you purchase through links on our site, we may earn an affiliate commission. Learn more

NHS gets £21m to boost cyber defences after WannaCry ransomware

Government funding comes hand-in-hand with stricter data security measures

NHS hospitals will receive 21 million to upgrade their cyber security measures following the WannaCry attacks that wreaked havoc on NHS IT systems earlier this summer.

The Department for Health (DfH) announced the funding yesterday as the government accepted all the recommendations set out by the National Data Guardian review and the Care Quality Commission review into data security standards, carried out before the ransomware debacle.

Health minister Lord O'Shaughnessy said in a statement: "The NHS has a long history of safeguarding confidential data, but with the growing threat of cyber attacks including the WannaCry ransomware attack in May, this government has acted to protect information across the NHS.

"Only by leading cultural change and backing organisations to drive up security standards across the health and social care system can we build the resilience the NHS needs in the face of a global threat."

The 21 million will be spent on increasing cyber security measures of major trauma hospitals, with the government calling this "an immediate priority", as well as boosting NHS Digital's national monitoring and response capabilities.

It also prioritised finding a way to finally migrate NHS systems from Windows XP, the Microsoft operating system that expired three years ago.

XP was at first identified as a prime attack vector for the WannaCry ransomware attacks in May due its lack of security updates, until Kaspersky Lab discovered that the in-support Windows 7 accounted for 97% of operating system among affected machines.

WannaCry locked NHS files, demanding a ransom be paid to unlock them again, causing chaos for 48 hospitals relying on this data for upcoming operations and appointments, many of which had to be cancelled.

The DfH also said NHS trusts will have to bring their policies in line with the National Data Guardian's recommendations - outlined in a report last year - that are designed to bolster healthcare data protection standards.

These include carrying out security training for staff, reviewing processes annually, and drawing up contingency plans for data security threats.

NHS Digital will support hospitals by carrying out on-site assessments and sharing best practice among UK trusts, as well as raising general awareness through broadcast ads and providing a hotline for dealing with cyber incidents.

The funding and stricter cyber security measures were part of a response to the CQC and National Data Guardian's reviews, which had warned of the likelihood of an impending cyber threat.

In the fallout after the WannaCry attacks, the Chartered Institute of IT blamed the security breaches on a lack of investment and accountability for IT security measures within the NHS.

Picture: Bigstock

Featured Resources

Accelerating healthcare transformation through patient-centred medtech solutions

Seize the digital transformation opportunities to streamline patient care and optimise patient outcomes

Free Download

Big payoffs from big bets in AI-powered automation

Automation disruptors realise 1.5 x higher revenue growth

Free Download

Hyperscaler cloud service providers top ten

Why it's important for companies to consider hyperscaler cloud service providers, and why they matter

Free Download

Strategic app modernisation drives digital transformation

Address business needs both now and in the future

Free Download

Recommended

Nvidia rolls out AI platform across NHS hospitals
artificial intelligence (AI)

Nvidia rolls out AI platform across NHS hospitals

29 Nov 2022
Automation is helping the NHS clear its patient backlog, but not as quickly as expected
automation

Automation is helping the NHS clear its patient backlog, but not as quickly as expected

28 Sep 2022
UK, US condemn Iran for ‘unprecedented’ cyber attack against Albania
cyber attacks

UK, US condemn Iran for ‘unprecedented’ cyber attack against Albania

8 Sep 2022
Cyber attack on software supplier causes "major outage" across the NHS
cyber attacks

Cyber attack on software supplier causes "major outage" across the NHS

8 Aug 2022

Most Popular

Empowering employees to truly work anywhere
Sponsored

Empowering employees to truly work anywhere

22 Nov 2022
Defra's legacy software problem 'threatens' UK gov cyber security until 2030
Business strategy

Defra's legacy software problem 'threatens' UK gov cyber security until 2030

6 Dec 2022
US seizes millions in stolen COVID relief funds by China-backed hackers
Policy & legislation

US seizes millions in stolen COVID relief funds by China-backed hackers

6 Dec 2022