As we pass the one-year anniversary of lockdown, it is important that we reflect, not only upon our own personal sacrifices but also on the valiant efforts made by NHS staff across the UK, who in the past 12 months have worked tirelessly in the face of the almost overwhelming pressure placed on our healthcare facilities by Covid-19. However, Covid-19 was not the only virus hospitals have needed to worry about during this ordeal.
Before the pandemic, hospitals were still considered lucrative targets by cyber criminal gangs trying to snatch sensitive data or encrypt vital systems in exchange for money. However, the arrival of Covid-19 made things much worse, with heinous cyber criminals leveraging the pressures of the pandemic to target already-stretched hospitals, thinking they would be the most likely victims to cough up. Not only does this create chaos for understaffed facilities, it could also lead to fatal consequences for any seriously ill patients needing urgent treatment. For example, 2020 saw the first potential death caused by ransomware after a German hospital was attacked, forcing an ambulance carrying an elderly patient to travel nearly 40 miles to the next nearest hospital, a trip the patient didn’t survive, unfortunately.
Ransomware gangs are not new, so our hospitals should be well equipped to deal with them. The only issue is, some are not.
Although hospital IT teams are also working hard to keep their networks secure, the rapid digital transformation we have seen across some areas of the NHS, spurred on by the pandemic, has almost certainly left cracks in the wall, creating new vectors for cyber gangs to exploit. And despite promising to not target vital healthcare facilities during the pandemic, ransomware gangs were quick to break that promise in search of a fast buck.
The main issue here is that many of our hospitals rely on antiquated technologies and inadequate defences to fend off ever-evolving cyber criminals who work around the clock. In addition, finding and training the team of experts to take on this fight requires investment, which many NHS trusts simply cannot afford.
Every second counts during an attack, which is why organisations need to be focusing not only on having the technology in place, but also on having services that can provide support. MTR (managed threat response) services, such as Sophos MTR, means health organisations are becoming more proactive in the fight against cyber criminals. Sophos threat hunters are able to proactively take action on an organisation’s behalf to mitigate threats in real time, allowing trusts to be one step ahead.
In addition, trusts should also be aware of the fail-safe option in case a breach does occur, as it is imperative that hackers are prevented from reaching their goal in as little time as possible. Sophos recently launched its Rapid Response service, which is a 24/7 team of remote incident response and threat analysts who could be neutralising active threats within hours.
If we really want to ensure our healthcare system does not suffer the same fate it did during the WannaCry era, it is time for the NHS to get ahead and take a more proactive approach to cyber security. While the end of lockdown is in sight, the fight to keep patients safe is still ongoing, and that starts from the moment their data is registered, not when they hit the wards.
Jonathan Lee is director of public sector relations at Sophos