Hospital IT Department...
Wednesday
WE ARE constantly told that the NHS is being choked by endless layers of management and bureaucracy. Money that should be spent at the frontline of the war against disease is being squandered on red tape and IT systems that are pathetically vulnerable to cyber attacks. After the recent NHS-wide computer outage that shut down entire hospitals and led to the cancellation of countless life-saving operations, the government vowed to tighten its cyber security measures. But did they? To see if health minister Jeremy Hunt has put the taxpayers’ money where his mouth is, I dress up as a Primary Care Tr ust manager, complete with pinstripe suit, furled umbrella, briefcase and joke shop bowler hat, and sneak into the officesat my local hospital. It is the work of a moment to put a match to a sheet of A4 paper under a smoke detector, setting off fire alarms throughout the buildings and leading to a full scale hospital evacuation. As health workers scramble to wheel patients out into the car park, I am able to saunter into the IT depar tment unchallenged. Into the first computer I found, I inser t a memory stick containing a selection of malware programs including the Hong Kong Worm, CryptoLocker, MyDoom and a Trojan virus downloaded from a Nigerian Prince’s email. Within seconds, the screen in front of me - which had previously been showing a spreadsheet of biopsy results and inpatient operating theatre schedules - is covered with a mass of pop-ups, lurid spam adver ts and hardcore pornographic images. Bringing down the IT depar tment of a major Primary Care Tr ust has been the work of just a few moments. And frighteningly, had I been a genuine hacker with malign intent, I could have done exactly the same thing just as easily. I don’t want any gratitude for what I have done.... ...If my efforts act as some sort of wake-up call for the NHS, that will be thanks enough.