WannaCry anniversary: the lessons to take forwards in 2025

Eight years ago, ransomware emerged as a new and destructive threat for The NHS when WannaCry hit. Almost a decade later, these threats have only intensified in scale and frequency, with the Synnovis attack resulting in thousands of cancelled medical appointments in 2024. Since then, the NHS has taken positive steps to address these threats, launching a comprehensive cybersecurity guide earlier this year. It outlines the need for information sharing to be secure, effective, and interoperable.

To facilitate this, hospitals will need to deploy technology that manages all patient data and customer information with secure storage, encryption, and stringent access controls. Tools such as intelligent document management make it far easier to track user activities, set access permissions, and provide detailed audit trails of document access. A digital ‘paper trail’ makes it easy for users to identify suspicious access attempts and alert IT teams, who can take immediate action before a compromise snowballs and impacts patient care.