Overlooked and under-reported: the impact of cyberattacks on primary care in the UK National Health Service (July 2025)

Summary

Rapid digitisation and interconnectivity of the UK NHS among hospital trusts, general practices, and patients help to streamline patient care across sectors. However, this increased connectivity also raises the NHS's vulnerability to cyberattacks. Cyber threats targeting health-care systems are increasing on a global scale, but cybersecurity in health care has not advanced as fast as in other critical sectors such as energy, finance, and transportation. As bad actors become more sophisticated in perpetrating further attacks, discussions regarding the NHS’s resilience to cyberattacks have intensified.

As cybercriminals are using increasingly sophisticated techniques such as artificial intelligence and machine learning to automate attacks, evade detection, and exploit vulnerabilities at scale, resilience to cyberattacks should become a priority for every individual within the healthcare system. Without understanding the true impact of these attacks on all aspects of healthcare systems, resilience plans will continue to be lacking. The NHS's digital transformation and expanded data integration make cybersecurity a crucial, often overlooked, patient safety issue, particularly in primary care.