113 NHSmail mailboxes were hacked at the beginning of the month and sent malicious emails to external recipients, according to a spokesperson from NHS Digital. The NCSC has confirmed that this activity is part of a widespread credential-harvesting phishing campaign targeting a broad range of organisations across the UK, and is working with the NHS to mitigate cyber-attacks. There is currently no evidence to suggest that patient records were accessed, but with the NHS managing a huge range of sensitive information, the implications of this attack could be incredibly serious.
NHS Digital have done a tremendous amount to protect their network since WannaCry but, like any organisation, there’s never just one hole to plug: it is a continuous battle of improvement for the security team.
Two-factor authentication (2FA) is clearly a difficulty for the NHS because so many users work across multiple devices. 2FA can be a simple answer to combat many phishing campaigns, but when it can’t be implemented due to the structure of the organisation, failures will remain in place and attacks will slip through the net.
The NHS’s journey to full protection is a long road, with many different security layers required to make the best of how they operate.