NHS Cyber Attack: a timely reminder we need preventative medicine
Ransomware attack could be wake-up call the healthcare sector needs to grasp importance of cyber security and the catastrophic cost of ignoring its threat.
The news that 48 NHS trusts have been by hit a ransomware attack is a timely reminder that the healthcare industry needs to take the crucial issue of cyber security far more seriously.
Last week’s cyber attack has sporadically disrupted NHS operations but at the time of writing the number of serious incidents has been minimal, although concerns remain that further issues could emerge.
The need for tighter cyber security in the healthcare sector has grown in prominence in recent years amid concerns about protecting patients’ privacy and safety.
Cyber security experts have warned healthcare organisations that they need to step-up efforts to ensure data security is airtight amid concerns about how frequently NHS trusts have backed up data and updated security patches.
Until last week’s cyber attack, many security experts feared not enough had been done in the industry.
Cyber security is a “massive concern” market intelligence firm ABI Research warned in 2015. It argued insufficient investment could jeopardise the digital transformation of the healthcare sector if not addressed promptly.
“Millions of connected medical devices introduce dangerous new threat vectors into the healthcare IT infrastructure and will seriously undermine patient safety and effective care delivery if left unchecked,” ABI warned last year.
About $5.5bn had been invested global healthcare cyber security by the end of 2016, according to estimates by ABI. But only $0.3bn was dedicated to medical device security – which now looks woefully insufficient.
The virus, known as Wanna Decryptor, has been deployed in 150 countries and has affected hundreds of thousands of devices.
The NHS Digital Data Security Centre is coordinating with National Cyber Security Centre to try to resolve the cyber threat issues in the NHS trusts. Guidance documentation can be accessed here.
The only silver lining that may emerge from the fallout from last week’s ransomware attack is that it may finally be the wake-up call the healthcare industry needs to grasp the importance of cyber security and the potentially catastrophic costs of ignoring its threat.