Aabyss Blog Heading Background

    News & Opinion

    Gain the edge on the world of business technology and cyber security

    How one email crippled the NHS.

    Posted by Andrew Allen | 19-Dec-2016 12:03:06
    isolated-1188036_1280[1].png

    There’s a good reason why businesses rely on email providers such as MailChimp to send high volume broadcasts and this became obvious to one worker last month who inadvertently crashed the entire NHS mail system.

    A test email sent to all 1.2 million NHS staff managed to bring down the email system for hours, causing serious disruption.

    The problems began when a senior ICT delivery facilitator added everyone in the NHS to a mailing list by accident. This list was then sent as a test email, which many staff members did not appreciate receiving and unfortunately chose to ‘reply all’ to ask to be unsubscribed. On top of that, read receipt requests were being made by some senders.

    This mountain of requests acted similarly to a Distributed Denial of Service attack (DDoS) – essentially, the system was unable to process all of these server requests at once, causing it to crash. Around 840,000 NHS employees were unable to access NHSmail and emails were delayed by up to three hours.

    NHS staff members took to Twitter to complain about the mistake, with one staff member claiming he’d received 390 replies in just one day. Apparently, the mail list everyone was added to was only supposed to include GP practices in Croydon.

    Microsoft Exchange is the email system NHSmail runs on, which responded to its mistake by disabling the dynamic distribution list.

    “An issue with a distribution list has meant that several test emails have been widely received by users,” a spokesperson explained. “This has been exacerbated by recipients replying in response and increasing the volume of emails associated with the list.

    “The impact of this issue has meant that some users are unable to access Outlook Web Access due to the volume of emails being circulated. The distribution list has been removed and associated emails are being traced and cleared.”

    It is claimed that the NHSmail system is unreliable at the best of times, as emails can often take as long as a day to arrive. If only there were a way to attach blue flashing lights and a siren…

    Topics: Cybersecurity, Security

    Written by Andrew Allen

    My personal and business life. I am lucky to have supportive friends and family, and although I am competitive, I try to put others first. I am an active Rotarian, helping support local and international charities. As a former member of Mountain Rescue, I enjoy spending time with my family in the mountains. We regularly travel to experience new cultures and cuisine; I’m a bit of a foodie! In my day job as Chief Executive, I am responsible for ensuring we stay true to our purpose and values. In a strategic capacity, I am also responsible for developing relationships with key partners and major accounts. I love working with ambitious, growing companies who want to challenge themselves and the status quo. Technology, when properly leveraged, can help an organisation differentiate and beat their competition. It's a real joy to make a difference.

    LinkedIn

    Leave a Comment

    Recent Posts

    Topics

    see all