
A new whitepaper from Imperial College London discussing how the NHS can improve cybersecurity has been presented at the House of Lords.

In 2017 the NHS experienced a ransomware attack which affected around 16 health service organisations across England and Scotland. The ransomware, developed by the US to exploit the CVE-2019-0708 weakness in Microsoft, demanded payments of $300 and $600 to regain access to obscured data, leading many practices to resort to pen and paper, send patients to other hospitals, and warn people to only use their local hospital for emergencies. The attack affected most systems, including telephones. The ransomware also affected public organisations in Russia, Ukraine, Singapore, Taiwan, and India. It is estimated that the ransomware cost the NHS £92million. Over 19,000 appointments had to be cancelled, costing around £20million, and the upgrades to IT systems and clean up in the aftermath cost £72million.

Following the attack, the NHS signed a deal to upgrade local service computers to Windows 10. The ransomware uses the EternalBlue exploit, developed by the NSA, which gains access through weaknesses in older Windows operating systems such as Windows 7, Windows Vista, and Windows XP. The same weaknesses aren’t present in Windows 10. Microsoft issued a patch to remove the weakness in older systems that made the attack possible. The NHS also increased infrastructure spending by £60million following the attack, focusing on vulnerable services such as trauma and ambulance services. In 2018, the government released a report titled ‘Security and Cyber Resilience in Health and Care’. In the report the NHS was promised:

  • £150million investment over the next three years
  • A new Cyber Security Operations Centre
  • A new Data Protection toolkit
  • The implementation of changes recommended by the Chief Information Officer for Health and Care’s review of the May 2017 WannaCry attack
  • Support for 25 local NHS organisations through the ‘Blue Teams’ pilot
  • A full estimation of the cost of the cyber attack.

According to Kaspersky Lab, 75,000 of their clients reported WannaCry attacks since the NHS was affected in May 2017. The data also showed that WannaCry was responsible for 28% of attacks in the third quarter of 2018, up by two-thirds compared to the third quarter of 2017. Many organisations installed the fix released by Microsoft but many remained vulnerable, including Boeing, which was hit in March 2018 as the patches were not in place. The ready availability of these fixes meant they were able to recover from the attack quickly. Kaspersky recommended that organisations stay informed of updates and patches available for all operating systems.

The Imperial College London whitepaper comes from the Institute of Global Health Innovation and was led by Professor the Lord Ara Darzi. The paper points to outdated systems, a skills deficit, a lack of investment, and a lack of awareness of cybersecurity as the main issues still leaving the NHS open to ransomware. The report, which compiled evidence from the UK and from health systems around the world, praised what has already been done but recommended further investment. It also recommends employing cybersecurity professionals on IT teams, installing ‘fire breaks’ into their systems to isolate certain parts if they become infected, and enforcing communication systems that allow staff to access information on cybersecurity and what to do in the event of an attack. The report also detailed the need for cybersecurity to be at the centre of new medical technologies such as robotics, implant devices, and gene-based medicine.

New reports suggest that ransomware is becoming more sophisticated. Attacks can affect all levels of NHS systems, including test results and medical records, and could even allow hackers to steal a patient’s identity. The greatest risk involves patient data being altered, which could result in them receiving the wrong care or major issues being unrecognised. WannaCry attacks on Singapore healthcare systems in 2018 compromised 150million patient records. Most modern hospital records, test results, and patient information details are stored digitally, making it crucial to ensure they are protected. The financial impact can also cause huge problems for the NHS, which is currently undergoing problems with funding.

Dr Saira Ghafur, one of the main authors of the whitepaper, said: “Addressing the issue of cyber security will take time, as we need a shift in culture, awareness and infrastructure. Security needs to be factored into the design of digital tools and not be an afterthought.”

“NHS trusts are already under financial pressure, so we need to ensure they have the funds available to ensure robust protection against potential threats.”

The main focus of the report is the need for investment. Lord Darzi recommended further investment into research on how the NHS is vulnerable and how it can be strengthened. The report includes details of the recommendation from the Department of Health that the NHS create a Care Computer Emergency Response Team to support cybersecurity. However, they said that all staff across the NHS must be made aware of how to maintain cybersecurity. This includes measures such as not sharing passwords, never leaving computers unlocked, and not emailing data, especially sensitive patient data, to personal email addresses. Staff being made aware of these simple changes could prevent malware from entering into computer systems.

The main target of the WannaCry malware was SingHealth, the healthcare system in Singapore. One factor was website defacing, which was done through SingHealth sites mounted on WordPress. A report from the CSA examined the lasting effects of the attack and how cybersecurity has changed in the country since. A year on from the attack, there was a 30% drop in phishing URLs with a Singapore link, 16,100 in total. The number of phishing attempts increased during major events such as the US-North Korea summit in Singapore. This year, Singapore’s independent privacy watchdog fined SingHealth $750,000 for failing to secure patient data. Advanced threat detection software has been installed across SingHealth networks, and access to dedicated workstations has been restricted. Database monitoring has been put into use to spot vulnerabilities in coding. SingHealth representatives have spoken about their commitment to improving cybersecurity and reacting quickly to any threats.


Post written by: Ciara Houghton

