NHS systems fell offline for 1,300+ hours over 36 months, cyber-nasties fingered – FoI study

NHS trusts across England experienced more than 1,300 hours of downtime in the last three years, according to results from Freedom of Information (FoI) requests.

Nearly a third of the trusts (25 out of 80) that responded to an FoI request from Intercity Technology admitted they had experienced outages across their IT systems between January 2015 and February 2018.

Of the 25 trusts that endured a digi-blackout, 14 did so as a result of a security breach. In total, the trusts experienced 18 security breaches over the last three years, causing 18 days of downtime.

These attacks included the infamous WannaCry ransomware outbreak in May 2017, while others fell victim to the Locky and Zepto malware, the most severe of which knocked systems offline for two weeks.

One trust alone experienced an average of one breach per year, while others referenced cyber attacks that affected servers, PCs and internal systems. Another trust suffered problems after an unauthorised device was plugged into a network. This disrupted the business of two wards last year, resulting in downtime of approximately two hours.

Five trusts took their systems offline as a precautionary measure, in response to the WannaCry attack.

Intercity Technology sent 143 NHS Trusts in England FoI requests in February 2017. Eighty responded. ®