The UK’s National Health Service (NHS) is at risk of further cyber attacks unless it updates its computer infrastructure, according to the former head of the National Cyber Security Centre, Prof Ciaran Martin. He added that global ransomware assaults on healthcare are a significant issue. In June, a ransomware attack severely disrupted healthcare services across London, including at Guy’s, St Thomas’, King’s College and Evelina London Children’s hospitals. Prof Martin has warned of three critical issues facing NHS cybersecurity: outdated IT infrastructure, the need to identify vulnerable points, and the importance of basic security practices.
The NHS in England has said it is increasing its cyberattack resilience and has spent £338m in the past seven years to tackle the problem. A recent British Medical Association report highlighted an urgent need to upgrade the NHS’s IT infrastructure, which causes 13.5 million hours of doctor time to be wasted each year due to outdated systems. Some doctors have pointedly drawn attention to the NHS’s use of outdated equipment. The Russian hacking group Qilin is believed to have demanded a £40m ransom during the attack on healthcare facilities in the UK and has targeted various global healthcare systems.
Dr Daniel Gardham from the Surrey Centre for Cyber Security echoed Prof Martin’s call for upgraded systems. “If you have old computers, then simply put, there’s going to be unpatched vulnerabilities,” he said. “This means that there are ways in for attackers.” Dr Gardham points out that while sophisticated attacks do occur, many breaches result from basic security oversights. “It could be something really, really simple and actually most likely it is something very, very basic.”
An NHS spokesperson said: “We are increasing cyber resilience across the NHS and over £338m has been invested over the past seven years to help keep health and care organisations as safe as possible.”
Read the full article from The BBC here: Read More