In a stark reminder of the fragility of our digital world, over 100 hospitals across Romania were hit by a coordinated cyber-attack on Wednesday. But instead of paralysis, the healthcare system responded with a defiant return to the most basic of tools: pen and paper. Doctors scribbled prescriptions, nurses recorded patient charts on paper sheets, and administrative staff resorted to manual filing. The attack did not bring them to their knees. It exposed a quiet strength that often lies forgotten in the age of screens and servers.
Romania’s National Cyber Security Directorate confirmed the attack targeted a key hospital management system. Yet within hours, staff reported that patient care had not been compromised. A nurse in Bucharest told local media: “We are used to doing things the old way sometimes. It is slower but we adapt.” That adaptability speaks volumes about the resilience of human systems over digital ones. But at what cost?
While the immediate threat was contained, the incident raises uncomfortable questions for the United Kingdom, which has been praised in recent years for its push toward digital health records and online booking systems. NHS Digital this week released new guidance on “digital resilience,” urging trusts to back up offline systems and conduct regular drills for cyber-attacks. But does the UK have the same courage to pick up a pen?
Experts say no. “Romania’s hospitals are less digitised than ours. That is a vulnerability in normal times but a shield in a crisis,” said Dr. Elena Vasilescu, a cybersecurity researcher at the University of Bucharest. “In Britain, you have so many interconnected systems that a single breach could cause chaos. Your digital resilience must be matched by analogue resilience.”
The irony is not lost on labour groups who have long warned against the relentless march of automation. Union leaders in the UK have argued that stripping back on clerical staff in favour of digital systems reduces the human flexibility needed in emergencies. “When the screens go black, you need people who know how to file a paper chart, not just a login password,” said Sarah Thompson, a health worker representative from the Royal College of Nursing.
Meanwhile, the cost of this technological dependency is laid bare in wage stagnation and regional inequality. While London’s most advanced hospitals are linked to cloud-based systems, smaller trusts in the North rely on outdated IT infrastructure that is both more vulnerable and less prepared for an analogue fallback. The divide is not just digital but deeply economic.
The Romanian government has promised compensation for affected hospitals and is reviewing its cybersecurity protocols. The UK government, for its part, has offered support and “shared learnings.” But as the dust settles, the story from Romania is not about defeat but about resilience born from necessity. It is a reminder that the smartest system is not always the one that runs online. Sometimes the smartest system is the one that knows how to switch off.
For British workers and families, the lesson is stark: our protection against the next cyber-attack may lie not in better firewalls, but in simpler systems we still know how to use when the power fails.
