In 2017 the NHS fell victim to the WannaCry ransomware attack, causing severe disruption and causing the UK’s health service £92m. On top of that, 19,000 patient appointments were cancelled. The attack was launched with malicious code placed in commonly used software.
As a result, health systems prompted a renewed focus on cyber defences. Especially, as there have been several attacks on a variety of healthcare organisations since. These include dental practices, private hospitals and small clinics. One example of this occurred in Finland, where the confidential treatment records of thousands of psychotherapy patients were hacked and leaked online. Many were blackmailed to keep their data private.
Adrian Byrne, chief information officer of the University Hospital Southampton NHS Foundation Trust (UHSFT) said: “There has been a significant fallout from WannaCry — the NHS is now much more concerned with how people are handling security in their individual organisations.”
A report from Veritas in 2020, found that 39% of healthcare companies had been hit by a ransomware attack. While ransomware may target businesses and organisations, it is the patients who suffer the most.
