
Inside the Attack: How WannaCry Almost Halted a Life-Saving Operation


In May 2017, Adam Filby’s seven-year-old daughter, Florence, was gravely ill. She had been born with a rare liver condition called biliary atresia. Her liver had failed, and the only way to save her life was a liver transplant.

Miraculously, Adam was cleared to donate part of his liver. And just as he was being wheeled into the operating room, a digital crisis was unfolding: the 2017 WannaCry ransomware attack.

At the same moment surgeons began removing part of Adam’s liver, WannaCry was sweeping through the UK’s National Health Service (NHS), exploiting an unpatched Windows vulnerability and encrypting files across thousands of systems.

When Adam awoke hours later, groggy from anesthesia, he expected to be in the ICU. Instead, he was in a hospital corridor with a nurse telling him the hospital was under cyberattack.  


Florence was mid-surgery and minutes away from receiving her father’s liver. If the attack had struck the hospital just an hour earlier, her surgery would have been canceled.  

Thankfully, Adam’s and Florence’s surgeries were successful. Florence is now a happy, healthy 16-year-old.

This is the reality of cyberattacks against critical infrastructure like healthcare. People’s lives are at stake, and without a Zero Trust strategy, no amount of medical expertise can protect patients when technology fails.

Why healthcare organizations need a Zero Trust strategy

The healthcare sector is a prime target for cybercriminals. It’s highly connected, time-sensitive, and often underfunded when it comes to IT. A single ransomware attack costs money. But more importantly, it costs healthcare organizations valuable time, resources, and even lives.

That’s why Zero Trust is a necessity.

A Zero Trust approach assumes breach. It limits trust between systems, segments networks so attackers can’t move laterally, and ensures that if one device is compromised, the blast radius is contained.  

What it takes to build Zero Trust in healthcare

In healthcare, Zero Trust is a matter of operational continuity and patient safety. Here’s what that strategy needs to include:

1. Microsegmentation across critical systems

Hospital networks, like those in many other industries, are flat by default. This means threats in radiology can quickly reach labs, electronic health records (EHR) systems, smart medical devices, and even patient-monitoring equipment.

Microsegmentation limits lateral movement by isolating systems and enforcing least-privilege access between them.

2. Real-time visibility into traffic and communications

Zero Trust starts with understanding how everything communicates across hybrid cloud, data center, and on-premises environments.  

Healthcare organizations need always-on visibility into device-to-device and application-to-application traffic to identify vulnerabilities before attackers do.

3. Strict identity and access controls

Whether it’s a physician logging into an EHR or a device transmitting patient vitals, identity must be verified and privileges must be tightly scoped. This makes multi-factor authentication (MFA), just-in-time access, and behavioral analytics foundational.

4. Breach containment that works instantly

Healthcare systems don’t have time to wait for manual security processes to kick in when there’s a breach. Breach containment must be fast, automated, and surgical.  

With breach containment in place, an infection in one hospital system doesn’t paralyze others or cascade across departments.

5. Protection for legacy and IoT devices

Most hospitals rely on legacy devices that can’t run modern agents, plus thousands of IoT endpoints. These need agentless visibility and segmentation controls based on how they behave and interact.
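
To make points 1 and 2 concrete, here is an added illustration (not Illumio's code or product configuration). The segment names follow the systems named above; the allow rules, ports, and flow records are constructed assumptions. It compares how far a compromise in one segment can spread on a flat network versus under a default-deny allowlist, and lists the observed flows that policy would block.

```python
from collections import deque

# Segment names follow the systems the article lists; all rules are constructed.
SEGMENTS = ["radiology", "labs", "ehr", "medical_devices", "patient_monitoring"]

# Hypothetical least-privilege allowlist of (source, destination, port).
# Anything not listed is denied by default.
ALLOW = {
    ("radiology", "ehr", 443),
    ("labs", "ehr", 443),
    ("patient_monitoring", "ehr", 443),
    ("medical_devices", "patient_monitoring", 8443),
}

# Constructed flow records (source, destination, port) standing in for telemetry.
FLOWS = [
    ("radiology", "ehr", 443),
    ("radiology", "labs", 445),
    ("labs", "ehr", 443),
    ("radiology", "patient_monitoring", 445),
]

def flat_edges(segments):
    """Flat network: every segment can connect to every other segment."""
    return {(s, d) for s in segments for d in segments if s != d}

def policy_edges(allow):
    """Segmented network: only allowlisted source -> destination pairs exist."""
    return {(s, d) for s, d, _port in allow}

def blast_radius(start, edges):
    """Segments reachable from a compromised segment, hop by hop (BFS)."""
    seen, queue = {start}, deque([start])
    while queue:
        cur = queue.popleft()
        for s, d in edges:
            if s == cur and d not in seen:
                seen.add(d)
                queue.append(d)
    return seen - {start}

def blocked_flows(flows, allow):
    """Observed flows that the default-deny policy would drop."""
    return [f for f in flows if f not in allow]

if __name__ == "__main__":
    print("flat:     ", sorted(blast_radius("radiology", flat_edges(SEGMENTS))))
    print("segmented:", sorted(blast_radius("radiology", policy_edges(ALLOW))))
    print("blocked:  ", blocked_flows(FLOWS, ALLOW))
```

The reachability check is deliberately pessimistic: it treats every allowed connection as a possible pivot, so the segmented result is an upper bound on spread rather than a prediction.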

Cybersecurity can’t be the weak link in patient care

In his role at Illumio, Adam now supports many healthcare organizations across Northern Europe.  

The good news is that the cyber threat against the healthcare industry is well understood. “Hospitals are taking this seriously,” he said, “and they want to move faster.”

That urgency makes sense. The risks aren’t hypothetical anymore. A single breach can mean delayed surgeries, missed treatments, or life-threatening disruptions.

Every day, healthcare professionals are forced to work around cybersecurity failures. Critical infrastructure is left exposed because organizations assume they won’t be targeted or that legacy security is enough.

But the stakes are too high to keep waiting.

Adam said it best: “Doctors and nurses already have enough to worry about. They shouldn’t also have to ask, ‘Is my equipment going to fail? Will we lose power? Will the network go down in the middle of surgery?’”

That’s why healthcare organizations need a Zero Trust strategy. In an environment where every second counts, cybersecurity has to work as reliably as the medical care itself.
