Reading between the lines today, it seems that the NHS were not using the latest MS s/w, thus not getting regular security updates - maybe. Also, it seems they maybe had no offsite up-to-date data backups which they could use to reboot their systems ? We learned to do this decades ago where I worked, so if I am right, I am really surprised... ( I could be totally wrong, of course..) The MS patch for this issue came out a while back, apparently.