Way back in April (I know, it’s a fair way back to remember) we wrote about the importance of having a human involved in your IT. This came off the back of 2 disaster stories at the time – some printers in the US that started spewing out anti-Semitic messages and a Twitter AI bot who had a meltdown and ‘learnt’ how to be a racist, hate filled citizen of the internet. We still very much agree with our sentiment at the time. Technology should never be left to self-programme or self-govern – that’s how Terminators are born! But sometimes humans can also cause more problems when they solve when it comes to IT. Case in point, last week’s fiasco at the NHS.
At 8.40am on Monday the 14th of November, NHS workers all over England had a bit of a shock. An IT contractor had been working on some issues with their secure email server, and sent a test email as part of the diagnostic process. Unfortunately, instead of just going to the affected accounts, the email instead went out to every single NHS worker in the UK. All 840,000 of them. It’s unclear whether this was a simple oversight or if a bug in the system was partly to blame (the firm has changed their story on this a few times), but needless to say the NHS workers were unimpressed. Thousands started sending emails back asking to be taken off the list, unaware that their hitting ‘reply all’ was making the problem much worse. By 10am, when the list was disabled, over 200 million unnecessary emails had been sent. Unsurprisingly the email system crashed under the weight of all of these emails, which continued to come throughout the day.
For some of the people on that list, the result of this error was nothing more than mild frustration that their emails weren’t working. For others, however it caused serious problems for their communication and ability to give care. One doctor commented ‘My NHS email is very important to me because it’s the only secure way I can send and receive anything safely about my patients. So, this is a major problem [and] potentially a risk to patients.’ Because the system is principally used by GP surgeries and community care workers, thousands of healthcare professionals who rely on their emails to exchange vital patient information were left stranded and unable to access the data they needed to do their jobs.
Essentially what the NHS have done is carried out a DDoS (Distributed Denial of Service) attack on their own servers – meaning they made their own systems unavailable to users. Now some people are claiming that this happened because of a bug in the system the contractor was testing, but many more are convinced that the original press release from the NHS is closer to the truth – the contractor didn’t realise he was sending a test email to everyone in the database. It’s a simple mistake, one that many of us have done before on a much smaller scale by sending an email to the wrong person, not realising there were BCC’s or hitting ‘reply all’. But in this case, it had much more serious consequences.
This incident really highlights the other side of the coin when it comes to human’s involvement in IT. On the one hand, technology has evolved to such a sophisticated level that human interaction can be kept to a bare minimum with large amounts of success, but on the other hand not having any human involvement can cause a lot of issues, from simple errors to multi-million-pound data breaches. For more information on any of the issues discussed here, or to find out more about how we can make your It more efficient and cost effective, get in touch today.