How cybersecurity experts can help defend the NHS

As the NHS is tasked with doing more than ever with less, hackers have made repeated attempts to take advantage of the health service’s vulnerabilities. Lola Akanbi, Senior Security Consultant, Protection Group International, explains how external cybersecurity experts could help implement the appropriate security measures, and help deliver value for money to the underfunded institution.

The NHS has been the target of a number of large-scale cyber-attacks in recent years. With the government having consistently looked to save money during a decade-long austerity campaign, the institution’s digital defences have routinely been found to be weak by hostile actors.

Most recently, this saw several major London hospitals declare that they have been impacted by a cyberattack. The critical incident took place in early June, and led to operations being cancelled and emergency patients diverted to other hospitals.

King’s College Hospital, Guy’s and St Thomas’, including the Royal Brompton and Evelina London Children’s Hospital and other primary care services were affected. GP services across Bexley, Greenwich, Lewisham, Bromley, Southwark and Lambeth boroughs were also impacted.

Speaking on the incident, Lola Akanbi, senior security consultant at Protection Group International, explained, “The NHS is a massive institution that has a complex network of relationships between its suppliers, vendors and third-party service providers. With supply chain attacks becoming increasingly sophisticated, threat actors exploit the vulnerabilities that appear through the interconnected nature of these supply chains.”

The cyberattack applied to hospitals partnered with third-party pathology service provider, Synnovis. The event subsequently had a significant impact on the delivery of services, including blood transfusions and test results. It also led to procedures being cancelled or redirected to other NHS hospitals. With many departments being unable to connect to the main server, hospitals needed to establish what work could be carried out safely.

Akanbi added, “As institutions become ever-more reliant on digital supply chains, understanding the implications of a supply chain attack is critical for maintaining resilience. With shrinking budgets, a lack of internal resources and training, the NHS needs to look at external cybersecurity experts who understand the nature of these threats and can implement the appropriate security measures. They can also implement regular training so that the NHS can better protect itself and its patients from the consequences of a successful supply chain attack.”

Preventing further attacks

Synnovis sent an IT taskforce to assess the incident and the NHS working with the National Cyber Security Centre (NCSC) to fully understand the impact. The incident has also been reported to the Information Commissioners Office (ICO).

Ransomware attacks are a habitual, ever-increasing threat to critical infrastructure. Threat actors will attack any organisation or institution whose cyber defences are not adequately robust. The NHS holds crucial data and therefore it needs to look at supply chain being a real point of vulnerability as it has increasingly been the way into main targets. With budgets reducing and not enough internal support, the NHS needs to turn to cybersecurity consultancies who can provide expertise and training.

“Cybersecurity experts can provide threat intelligence which will allow the NHS and healthcare providers to stay informed of emerging threats and adapt their security strategies accordingly. Additionally, by fostering a culture of security awareness the NHS can better protect their supply chains and mitigate the impact of a future attack,” concluded Akanbi.