BMJ released a report[0] just two days ago alleging that up to 90% of the NHS's computers are still running XP.
> Many hospitals use proprietary software that runs on ancient operating systems. Barts Health NHS Trust’s computers attacked by ransomware in January ran Windows XP. Released in 2001, it is now obsolete, yet 90% of NHS trusts run this version of Windows.
It appears the Theresa May is trying to deflect attention from the fact that there has been massive under investment in NHS IT infrastructure by reinforcing that it is a 'international attack on a number of countries and organisations'.
Whilst this is true, it's probably also true that the impact of this attack is highly concentrated across organisations with chronic under-investment and a laissez-faire attitude to security.
>Whilst this is true, it's probably also true that the impact of this attack is highly concentrated across organisations with chronic under-investment and a laissez-faire attitude to security.
Good developers are rare enough, but good IT security and security-minded developers are even more rare. And it's even more rare that they decide to work within healthcare.
There just isn't enough of you to go around and you can't be everywhere.
Even if you can afford to have a dedicated pentesting team (I'd like to work at a healthcare system/hospital network that did), physical security is still a major problem if only because it's very easy to impersonate people.
BMJ released a report[0] just two days ago alleging that up to 90% of the NHS's computers are still running XP.
> Many hospitals use proprietary software that runs on ancient operating systems. Barts Health NHS Trust’s computers attacked by ransomware in January ran Windows XP. Released in 2001, it is now obsolete, yet 90% of NHS trusts run this version of Windows.
[0] http://www.bmj.com/content/357/bmj.j2214