Does the UK have the option to sue the NHS for gross negligence?
It looks like there's a history of this sort of thing, and it doesn't seem like the NHS has taken reasonable steps to mitigate the threat, if they have to rely on volunteers to resolve what should be resolved by an action plan.
Collier, R. (2017). NHS ransomware attack spreads worldwide.
The article indicates that the issue was with a private third party that analyzes blood for their hospitals. It also specially references the 2017 attack, and states that the NHS has taken steps to improve their security.
Does anyone really believe it's possible for regular enterprises and government agencies to improve computer security to the extent that it's impossible to be attacked? Event CISA was owned due to one of the many Ivanti bugs[0]
The only real way to resolve this problem is to for critical services to stop relying on networked computers for their functions or to have a mandated and audited business continuity plan that is routinely practiced for when the computers inevitably stop working either due to an attack or just routine failures.
It looks like there's a history of this sort of thing, and it doesn't seem like the NHS has taken reasonable steps to mitigate the threat, if they have to rely on volunteers to resolve what should be resolved by an action plan.
Collier, R. (2017). NHS ransomware attack spreads worldwide.