NHS is open to another cyber attack, says team
THE NHS needs greater cyber-security to prevent a crippling attack during the coronavirus pandemic, a think tank has warned.
Experts at Chatham House, the Royal Institute of International Affairs, claim the health service could be ill-prepared to deal with a potentially devastating cyber threat and has suggested the Government seek urgent help to protect it.
Lessons had been learned since the ransomware attack that caused widespread disruption to the NHS in 2017 but today’s situation was far more fragile, they said.
Joyce Hakmeh, senior research fellow at Chatham House’s International Security Programme, said: “Evidently the NHS is stretched to breaking point.
“Expecting it to be on top of its cyber-security during these exceptionally challenging times is unrealistic.”
She said supporting the NHS should go beyond increasing human resources and equipment capacity, as cyber security was critical in ensuring health professionals carried on saving lives, safely and securely.
At such a critical time for the health service, they want the Government to call on the private cyber-security sector for assistance.
The think tank was also concerned about usual security processes being sidestepped, such as a national audit of the NHS’s security and cyber-resilience, which was put on hold until September due to Covid-19.
It comes as Europol recently warned about pandemic profiteering, particularly online, where criminals are attempting to exploit the crisis.
Ms Hakmeh said: “Now is the time where innovative public-private partnerships on cyber-security should be formed, similar to the economic package the Chancellor has put in place to shore up the economy against the Covid-19 impact and the innovative thinking on ventilator production.
“The ways in which this support can be delivered can take different forms. The important thing is that it is mobilised swiftly.”
The attack in 2017 was halted within a few days of its discovery due to emergency patches released by Microsoft and the discovery of a “kill switch” that prevented infected computers from spreading it further.
The attack was estimated to have affected more than 200,000 computers across 150 countries, with damage ranging from hundreds of millions to billions of dollars.