The Courier & Advertiser (Angus and Dundee)
‘spending needed’ to curb cyber attacks
A “massive” increase in spending is needed to prevent another “avoidable” cyber attack on NHS computer systems, an expert has warned.
Professor Bill Buchanan said the ransomware attack that hit 11 health boards as well as NHS National Services and the Scottish Ambulance Service last month should act as a “wake-up call” to government and health bosses.
The unprecedented attack, which hit scores of countries, impacted on acute hospital sites in Lanarkshire as well as GP surgeries, dental practices and other primary care centres around Scotland.
Holyrood’s health committee heard the virus found its way into Scottish NHS systems through either their connection with the NHS England network or through the internet.
It was able to spread through computers that were vulnerable through a combination of their use of a particular piece of software that shares information between devices, a particular network firewall configuration and the fact that they had not been upgraded or “patched up” to the latest version of Microsoft software.
Prof Buchanan, from the Cyber Academy at Edinburgh Napier University, said the penetration of the virus “was avoidable” and there was no excuse for the patch or upgrade not having been carried out.
He said: “This was a critical patch, critical is the highest level.
“I think we need a massive increase in spending not just on computers, but in really looking at healthcare services and how we provide them to the citizen.”
Health secretary Shona Robison said that a review of cyber resilience was ongoing and acknowledged that there may be additional costs as a result of that work.