According to The Times, all 200 hospitals and other NHS organisations have failed new cybersecurity tests according to MPs.
In the wake of last year’s crippling cyber attack, it has been discovered that many hospitals have not yet fixed the original vulnerability.
The public accounts committee (PAC) says it is a matter of “when, not if” and that “cyberattacks are now a fact of life and that the NHS will never be completely safe from them.”
Currently, the UK is braced for cyberattacks on vital public services, including the NHS, from hackers based in and backed by Russia.
Meg Hillier, chairwoman of the PAC, said: “Government must waste no time in preparing for future cyberattacks — something it admits are now a fact of life. It is therefore alarming that, nearly a year on from WannaCry, plans to implement the lessons learnt are still to be agreed.”
All 200 trusts tested on cybersecurity by NHS Digital have failed, the MPs said: “We are told that this was because a high bar had been set for NHS providers to meet the required standard but some of the trusts had failed the assessment purely because they had still not patched their systems — the main reason the NHS had been vulnerable to WannaCry.”
Ms Hillier added: “I am struck by how ill-prepared some NHS trusts were for WannaCry, in many cases failing to act on warnings to patch exposed systems because of the anticipated impact on other IT and medical equipment.”
Last year, almost 20,000 hospital appointments and operations were cancelled during last year’s WannaCry attack.