It has been confirmed a software outage affecting the NHS 111 service was caused by a cyber-attack. Advanced, a firm providing digital services for NHS 111, said the attack was spotted at 07:00 BST on Thursday. The attack targeted the system used to refer patients for care, including ambulances being dispatched, out-of-hours appointment bookings and emergency prescriptions. More information: https://www.bbc.co.uk/news/uk-wales-62442127
The latest cyber-attack on the NHS is a reminder that the organisation remains a prime target for hackers. While the cost of breaches for companies can be immense, the stakes are even higher in the healthcare industry as life and death decisions are being made. There is no space for complacency.
Cyber criminals have built an impressive arsenal of weapons over recent years. Consequently, organisations are increasingly outwitted, outgunned, and outflanked by hackers. However, instead of just accepting their fate, companies batten down the hatches and root out vulnerabilities.
Cyber criminals don’t take holidays, so ensuring data is secure must be a 24/7 job. It only takes a single vulnerability to enable a breach. Whilst organisations cannot stop every attack, they need to understand how attacks occur and put in place the appropriate defences to protect what is often their most valuable asset: data.
The potential for cybercrime to be used as a tool in warfare is real. This attack on the NHS is a reminder that no organisation is safe, and every citizen has a role to play in digital fortification, whether it’s protecting a country, a company or a consumer.
Awareness and vigilance are vital weapons in our response to these threats. Power comes through knowledge about how cyber attacks could happen, and flagging them to the UK’s national reporting centre for fraud and cyber crime. This is why cyber security training shouldn’t just be a tick-in-the-box exercise, but an ongoing journey of education for us all.
This attack on Adastra’s client patient management solution, which is used by 81% of NHS 111 services, is yet another example of the unprecedented increase in cyberattacks targeting the IT systems of healthcare organisations. Adastra, who suffered a loss of service, has taken the responsible precautionary measure of isolating all their health and care environments – containing the attack and segmenting critical services and data should be a top priority in the event of a cyber-attack.
Sadly, cyberattacks like this one that threaten the delivery of critical services will be an ordeal we continue to read about. After NotPetya and WannaCry, many organisations upgraded their protection with the latest detection and response technology. However, ransomware gangs are getting better at evading these methods, and so a Zero Trust, assume-breach mindset is needed to truly protect against these attacks. By only allowing known and verified communication between environments, security teams can contain an attack on the IT systems and reduce the impact on operational processes of any business.
Cyber attacks on our national health services can be far-reaching – from disrupting delivery of key services like out-of-hours GPs to impacting public safety through delays in ambulance dispatching. As we’ve continuously seen, the damage from a cyber attack is no longer contained to the digital world, as attacks can have grave consequences in the physical realm. Ransomware attacks on health services are on the rise: our research suggests healthcare organisations globally suffered two or more ransomware attacks each in the last year.
The NHS and healthcare organisations in general must be proactive in minimising their exposure. The push for digital adoption in the sector means that its threat landscape is constantly expanding, and the most efficient way of limiting damage from cyber attacks is to actively identify and protect those areas where most damage can be caused – the critical data and assets that can seriously disrupt patient care if compromised. Cyber attacks are inevitable to some degree, but adopting an ‘assume breach’ approach in advance can keep them contained.
Despite the efforts of the NHS, the volume of activity targeting public healthcare organisations, combined with demands and constraints on resources, means that the cyber risk is still very high. Building resilience must be a focus, whether that’s to fend off nation-state attacks or the more common profit-motivated cyberattacks.
Cybersecurity is not an ‘install and forget about it’ job, but a process that must be operationalised so security resilience can be continually improved. The lifecycle of “assess, detect and remediate” when dealing with cyberattacks can no longer be an option; instead, it must be an essential part of the organisation’s process and form part of the cost of operational running.