Comms Lessons from the WannaCry Cyberattack

Unless you’ve been hiding under a rock for the past week, you’ll know that the NHS was crippled by the worst global ransomware cyberattack in history. Appointments were cancelled and ambulances diverted as more than 40 hospitals were infected with the aptly-named ‘WannaCry’ ransomware.

Ransomware is a kind of cyberattack that involves hackers taking control of a computer system and blocking access to it until a ransom is paid. In this case, staff could not access vital medical records.By Friday evening, the attack had spread to 99 countries, affecting international companies such as international shipper, FedEx Corp in the US, and Germany’s main rail operator, Deutsche Bahn. The scale of the attack was completely unprecedented.

Where did the attack come from?

A computer hacking group known as Shadow Brokers was at least partly responsible for the attack. It’s claimed the group, which has links to Russia, stole US National Security Agency cyber tools designed to access Microsoft Windows systems, and dumped the technology on a publicly accessible website, where online criminals could access it and hold the world to ransom.

How did the NHS respond?

In some hospitals, the attack completely shut down services, from chemo suites and A&E. Phone calls were unanswered and prescriptions couldn’t be issued. In others, clinical staff were forced to agree a plan of action as the crisis was taking place. With phone lines and internal comms down, they used texts and social media to communicate with each other and to get information out to patients and their families.

Publicly, the response was haphazard, disjointed and lacking a credible security spokesperson from the NHS. The public was looking for someone with gravitas to stand up, provide reassurance and guide the public through the turbulence that the cyberattack created. But this didn’t happen. Instead there was widespread confusion and disruption as patients arrived for appointments that were promptly cancelled, with no explanation.

How should the NHS handle the crisis going forward?

The NHS needs to address the IT and comms challenges related to the attack quickly, to regain our already limited trust on their guardianship of our data. They need a confident spokesperson from their online security team to acknowledge the dynamic nature of the threat while reassuring us that our data is safe and they are putting all their efforts into ensuring it doesn’t happen again.

What can businesses learn from the WannaCry attack?

The sad truth is cyberattacks aren’t going away. If anything, they’re becoming more frequent as we rely more and more on technology to run businesses. In fact, Government figures released last year showed that two thirds of large British businesses suffered a cyberattack in the preceding 12 months. This is hugely significant, not just for IT teams, but for communications teams as well. Because for many brands, given the proliferation of attacks, it’s now a question of when rather than if they become a victim.

Responding to cyberattacks must be part and parcel of your crisis communications plan, if it isn’t already. If key stakeholders, customers, shareholders and colleagues feel they’ve been kept in the dark, it can damage your brand. Therefore, it’s critical to ensure your security systems are up-to-date, and your crisis plans are up-to-date too, and teams must be properly trained to handle issues that, increasingly, seem inevitable.

Get prepared

Whether its theft of customer data, financial information, or complete networking paralysis, a cyberattack can be extremely distressing and costly. But the long-term damage to your brand if you fail to communicate properly in the aftermath could be even more severe.

Crisis communications is by nature reactive, so, if your business isn’t prepared for a cyberattack, it’s time to stop burying your head in the sand.