Upgrading to Windows 10 may help the UK's hospital system prevent future cyberattacks and offers a simpler system for patching and upgrades.
Building a slide deck, pitch, or presentation? Here are the big takeaways:
- The UK's National Health Service will move all devices to Windows 10 to protect against future attacks like WannaCry.
- Windows 10 will allow NHS branches to update their systems for free online, to better detect viruses, phishing attacks, and malware.
The UK Department of Health and Social Care inked a deal with Microsoft to move all National Health Service (NHS) organizations to Windows 10 to protect against future cyberattacks, Microsoft announced Saturday.
Last year, the WannaCry ransomware attack took out banks, public transit systems, and hospitals worldwide. It hit the NHS particularly hard, affecting more than one third of NHS branches and leading to the cancellation of 20,000 hospital appointments and operations, as well as patients getting diverted from emergency rooms unable to treat them. Some hospitals did not return to normal operations for weeks, as reported by our sister site ZDNet.
Upgrading NHS devices to Windows 10 will improve the organization's security posture, Microsoft said in a press release, as well as its ability to respond to attacks.
SEE: Incident response policy (Tech Pro Research)
"We know cyber attacks are a growing threat, so it is vital our health and care organisations have secure systems which patients trust," Jeremy Hunt, health and social care secretary, said in the release. "We have been building the capability of NHS systems over a number of years, but there is always more to do to future-proof our NHS as far as reasonably possible against this threat. This new technology will ensure the NHS can use the latest and most resilient software available - something the public rightly expect."
The deal comes after a recent report from the UK's Committee of Public Accounts, which found that nearly a year after WannaCry, several UK organizations have not adequately improved their cybersecurity practices to prevent future attacks. Part of the issue was that many healthcare branches did not have the means to update and protect systems without disrupting patient care, the report found.
The Microsoft plan may address this, as it will allow NHS branches to update their systems for free online, to better detect viruses, phishing attacks, and malware, and isolate infected machines before the issue can spread, according to the release. This also highlights the value of SaaS offerings, as they can be more easily updated against new threats.
When any organization is hit with a cyberattack or uncovers a vulnerability, they must come up with a plan for recovery and patching and implement it quickly. Otherwise, they leave themselves at great risk for future attacks.
Since 2017, the UK government has invested £60 million ($82.4 million USD) to address cybersecurity vulnerabilities in the NHS, and has pledged £150 million ($206 million USD) more over the next three years, which includes setting up a new NHS Digital Security Operations Centre.
- 17 tips for protecting Windows computers and Macs from ransomware (free PDF) (TechRepublic)
- WannaCry ransomware report: NHS is still not ready for the next big attack (ZDNet)
- Ransomware: A cheat sheet for professionals (TechRepublic)
- Basic patching mistakes left NHS open to WannaCry attack (ZDNet)
- New cryptojacking attack uses WannaCry exploit to mine on Windows servers (TechRepublic)