Amidst a heated debate on healthcare in the United States, White House Homeland Security advisor Tom Bossert has stated Britain’s National Health Service was significantly affected by last week’s ransomware cyber attack due to the centralized nature of the health system.
Speaking to journalists at a White House briefing on Monday, Mr. Bossert asserted, following a call with his UK counterpart:
We continue closely monitoring the situation around the clock at the highest levels of government. We’re bringing all the capabilities of the U.S. government to bear on this issue, and are working side-by-side with our partners in the private sector and our international partners. I spoke moments ago with my counterpart in Great Britain and learned an update from them that they have a feeling of control over this ransomware event and that as their affected computers seemed to have been tied to this is a fact that their healthcare system is so large in network.
Britain’s National Health Service (NHS) is what Americans would refer to as a “single payer” system — commonly believed to be the preferred route of the Democrat Party and former President Barack Obama’s first choice for healthcare reform in the United States prior to the passage of the Affordable Healthcare Act, also known as Obamacare.
NHS information technology systems as well as procurement is centralized, as one might expect of a single payer system.
As a result, many NHS computers are still using Windows XP, an operating system no longer supported by its creator Microsoft.
In contrast with the United States or other healthcare systems around the world, the NHS is, as Mr. Bossert stated, “large in network” leaving it more vulnerable to widespread attack than individual hospitals running their own systems. It is also more vulnerable to a lack of innovation, as hospitals (trusts) are forced to use the same systems and materials rather than finding bespoke solutions for themselves and their patients.
“They are painfully aware, though, of the fact that this is a global attack, as are we. As of this morning, it has reached approximately 150 countries and infected more than 300,000 machines,” said Mr. Bossert. “The good news is the infection rates have slowed over the weekend. We had been concerned about that when last we talked”.
NHS spokesmen have claimed the organisation’s digital arm sent a patch through “weeks ago” that would have stopped the ransomware attack. It has not commented upon why these patches were not installed.
“NHS Digital issued a targeted update on a secure portal accessible to NHS staff on April 25, and then via a bulletin to more than 10,000 security and IT professionals on April 27 to alert them to this specific issue.”
“These alerts included a patch to protect their systems. This guidance was also reissued on Friday following emergence of this issue.”
Around one in three NHS trusts have been subject to ransomware attacks since 2015, a Freedom of Information request revealed.
“The ransomware has disrupted telecommunications companies, hospitals, and other organizations,” said Mr. Bossert, adding: “The UK National Health Care Service announced 48 of its organizations were affected, and that resulted in inaccessible computers and telephone service, but an extremely minimal effect on disruption to patient care. That was something quite evident in my conversation”.
The Labour Party in the United Kingdom, instead of calling for increased localization and a reduction in the centralization of the NHS, has called for more taxpayer cash to be ploughed into the system, despite the NHS’s budget having skyrocketed from £60bn in 1998/99 to £122bn in 2016/17.