NHS WannaCry Ransomware Attack: Technical Explanation of The Vulnerability, Exploitation, and Countermeasures

Abstract

To ascertain the consequences of the 2017 WannaCry ransomware attack on the National Health Service (NHS), a systematic investigation of Hospital Episodes Statistics (HES) data was conducted to identify the missed appointments, fatalities, and financial expenses linked to the WannaCry ransomware attack. Outpatient appointment cancellations, hospital emergency and elective admissions, visits to accident and emergency (A&E), and deaths in A&E were the key output tracked. During the week of the ransomware incident, there was no appreciable difference in overall activity between all trusts compared to the baseline. Trusts had 1% fewer accident and emergency visits a day than at baseline, and 1% more admission to the emergency departments. Although there were much fewer elective and emergency admissions in hospitals that had been directly infected by the ransomware, there was nevertheless a daily drop in admissions of roughly 6%, with 4% fewer emergency departments visits, and 9% fewer elective admissions. There was no discernible mortality difference. The reduced activity at the affected trusts over this time had a total economic impact of £5.9 million, which included £0.6 million in lost accident and emergency activity, £1.3 million in lost outpatient consultations, and £4 million in missed inpatient admissions. There was a considerable drop in attendance and admissions among hospitals targeted and affected by the WannaCry ransomware attack, resulting to a loss of hospital activity of £5.9 million. Even though this is a rudimentary indicator of patient damage, there was no documented increase in mortality. To fully understand how a cyberattack or IT problems may affect patient safety and care delivery, more research is required.