Following the reports that UK National Health Service’s Lincolnshire and Goole’s hospital has cancelled surgeries and diverted trauma intakes after its systems were attacked by a virus, IT security experts from Synopsys and SentinelOne commented below.
Chris Clark, Principal Security Engineer – Strategic Initiatives at Synopsys:
“Considering the increased number and severity of ransomware attacks over the last year, UK National Health Service’s Lincolnshire and Goole’s decision to shut down systems and transfer patients was probably well warranted. The potential for patient harm or damage due to a cyber event of any type could be catastrophic to any health system. Healthcare delivery organizations and device manufacturers must do a better job of protecting critical infrastructure and demand more robust security and patient care solutions.”
Tony Rowan, Solution Architect Director at SentinelOne:
“With the malware infection at Lincoln, Grantham and Boston hospitals these events are having very real impact on our everyday lives. Many critical healthcare systems are now connected to networks and this inevitably makes them vulnerable. Sadly, given the current defences that many organisations are depending on, it is only a matter of time before someone dies as a result of some form of malware attack. At last year’s Gartner conference in London, Christian Byrnes, managing vice president at Gartner, stated that the information security industry now has to extend beyond the responsibility for CIA (confidentiality, integrity, availability) and has to take on the additional responsibility of safety (http://www.gartner.com/newsroom/id/3144319). Clearly, he is correct and the safety aspect of systems we depend on must be included in the security analysis of systems and software. With our ever-increasing dependence on software based system for so many key aspects of our lives, the issue of malware attacks must be given a great deal of attention.”