NHS at 76: The Crucial Need to Protect Healthcare Data

Share
The NHS remains a significant target for cybercriminals, or threat actors
5th July 2024 marks the 76th anniversary of the UK’s National Health Service (NHS), with Technology Magazine looking at its ongoing cybersecurity evolution

In 1948, the NHS was formed by the government to offer free healthcare services to all across the UK. Now, three-quarters of a century on, the organisation is facing its latest battle - the war on cyber.

As cyberattacks and tactics by threat actors continue to evolve at an alarming rate, there have been calls for the NHS to continually improve its digital systems in order to remain resilient. Having faced significant cybersecurity challenges over the years, including several high profile cyberattacks, it has been suggested that there have been some vulnerabilities within NHS digital infrastructure that it needs to confront.

Technology Magazine examines some of the digital concerns impacting the NHS today, in addition to sharing insights from Norton and Smart Communications over how it can continue to combat threats.

Technology and healthcare working in tandem

It is no secret that the NHS remains a significant target for cybercriminals, or threat actors. The organisation relies heavily on digital technologies to optimise its services and support its patients, leaving it open to continued threats.

Some of the ways in which threat actors can operate is to exploit sensitive patient data, inflict ransomware attacks on essential services, or conduct cyber warfare attacks. Most critically, the NHS was embroiled in the prolific 2017 WannaCry and NotPetya cyberattacks, leaving the organisation eager to make stringent security improvements across its operations.

Likewise, NHS England recently confirmed that its patient data managed by Synnovis was stolen in a ransomware attack on 3rd June 2024.

Youtube Placeholder

“This rise in healthcare related scams is particularly worrisome as individuals place their trust in the NHS,” comments Filip Husak, Data Analyst for Norton. “Cybercriminals are taking advantage of the increased search activity around NHS services during a time when the economy is struggling and we recommend that individuals take extra care when filling out medical forms online and searching for appointments.”

As the NHS continues to confront cybersecurity challenges in line with its use of digital technologies, there are plans to continue investing and enhancing real-time monitoring to thwart attack attempts and to build a more resilient healthcare system.

In the wake of the WannaCry attack, the UK government boosted its cybersecurity investment to strengthen NHS resilience. This included the development of a comprehensive cybersecurity strategy aimed at improving resilience and protecting the data of patients, promoting resilience sector-wide by 2030.

“This will ensure services are better protected from cyber threats, further securing sensitive information and ensuring patients can continue accessing care safely as the NHS continues to cut waiting lists,” the May 2023 government release highlighted.

Confronting a digital age as cybersecurity demands increase

More broadly, the healthcare industry is an urgent industry to consider within the cyber threat landscape, as patient safety is of crucial concern. As cybersecurity demands more time, organisations like the NHS are aware that they need to work to stay ahead of threat actors seeking to exploit its essential services. 

Some common threats that the NHS experiences include phishing, smishing (SMS phishing), spoofing and malware such as viruses and trojan horses. These aim to be disruptive for healthcare workers and patients alike, with activities designed to steal sensitive information or disrupt essential services such as operations from going ahead.

The NHS does now have access to its England Cyber Security Operations Centre (CSOC) that monitors 1.7 million devices in real-time, blocking 21 million malicious emails every month. However, as malicious cyberattacks continue to rise, more will need to be done to enable the healthcare organisation to not only recover from breaches, but to also get ahead of them.

“We have invested over £350bn (US$447bn) centrally in the NHS in cybersecurity since 2017 and of course we have strict standards that we expect suppliers to the NHS to meet,” Professor Stephen Powis, National Medical Director of NHS England, told the BBC. “But these threats are increasing all the time.”

******

Make sure you check out the latest edition of Technology Magazine and also sign up to our global conference series - Tech & AI LIVE 2024

******

Technology Magazine is a BizClik brand

Share

Featured Articles

Resilience: Firms Fail to Grasp Cyber Financial Impact

Resilience and YouGov survey reveals 74% of mid to large UK businesses face cybercrime, while ransomware understanding lags behind data breach concerns

SonicWall and CrowdStrike Unite for SMB Security Service

SonicWall partners with endpoint protection specialist CrowdStrike to offer managed detection and response capabilities through managed service providers

FS-ISAC CISO Talks Cyber Strategies for Financial Providers

FS-ISAC CISO JD Denning explains the cyber strategies financial providers need to adopt in order to stay afloat in the wave of cyber attacks

Darktrace Reports 692% Surge in Black Friday Cyber Scams

Cyber Security

KnowBe4 Launches AI Agents to Counter Phishing Threats

Technology & AI

Gen Reports 614% Rise in Command Prompt Manipulation Scams

Cyber Security