WannaCry Ransomware Cost The NHS £92m

By Holly Brockwell on at

The ransomware nightmare that was WannaCry cost the NHS close to £100m when it ripped through vital computer systems like a digital plague last year.

According to Techradar, the Department of Health and Social Care has revealed that the attack cost in the region of £92,000,000. Here's how that breaks down:

  • £500k on IT support during the attack
  • £72m on IT support in the months following
  • £19m from not having access to patient information in the week after the attack

Apparently that figure's just an estimate, though, because finding the actual cost would itself cost too much – as would investing in proper cybersecurity. NHS Digital has brazenly announced that it will be ignoring its own CIO's IT security recommendations because they "wouldn't represent value for money."

For context, the costs of security upgrades that could have prevented WannaCry were in the region of £800m-£1bn, which is a lot, but wasting £100m of taxpayers' money on ransomware is apparently completely fine. Just nine more attacks and the upgrades pay for themselves!

British intelligence publicly blamed North Korea for the cyberattack, which apparently didn't make very much money despite having cost vital healthcare systems a fortune. We'd probably still be dealing with it now if the malware hadn't been stopped in its tracks by British native Marcus Hutchins, aka MalwareTech, who has since been charged with a whole bunch of stuff related to hacking but not involving WannaCry.

Anyone bought the film rights to this saga yet?