LONDON (AP) — An independent investigation has concluded that the debilitating cyberattack that crippled parts of Britain’s National Health Service earlier this year could have been prevented with basic security measures.

The National Audit Office probe found computers at 81 health trusts — or a third of such trusts across England — had not been updated to secure them against the WannaCry ransomware attack in May, which disrupted thousands of doctors’ appointments and led to ambulances being diverted.

Audit office head Amyas Morse urged the Health Department and public health officials to “get their act together” or risk suffering a more damaging attack from more sophisticated cyber threats in the future.

North Korea has been blamed for the attack.

Ransomware works by taking over a computer and demands ransom payment.

More In Cyber