The NHS is lagging so far behind on cyber security that patient data is now at risk, according to IT decision makers in the health service.
A survey of NHS tech experts has found that a third believed patient data had already been stolen while 80% thought that staff records had also been successfully targeted by hackers. Another major fear shared by two-thirds of the IT decision-makers was that hacked medical equipment could even affect patient safety.
Commissioned by computer firms Intel and VMware, a subsidiary of Dell Technologies, the survey found that the NHS’s tech experts believed the most likely sources of the hacking were hacker groups and lone wolf cyber criminals but they also feared that health staff and patients were behind some of the hacking attacks.
WannaCry
The WannaCry ransomware virus, which went around the world in May 2017 after apparently originating in North Korea, led to the Government pledging extra funding to help update the health service’s IT systems.
Health Minister James O’Shaughnessy, (left) a Tory peer said the NHS had a long history of safeguarding confidential data.
“But with the growing threat of cyber-attacks including the WannaCry ransomware attack in May, this Government has acted to protect information across the NHS,” he said.
“Only by leading cultural change and backing organisations to drive up security standards across the health and social care system can we build the resilience the NHS needs in the face of a global threat.” But 70% of of the survey respondents said that more needed to be done to keep the NHS up to speed with a fast-paced and evolving threat.
Training and Education
Tim Hearn, (left) the director of the VMware branch associated with UK public services, praised the health service’s IT development but warned that it had a growing challenge.
“Across the NHS there are many fantastic examples of IT leaders being incredibly innovative in embracing new technologies to defend their complex infrastructures against cyber-threats,” he said.
“But the NHS is facing an uphill battle in keeping patient data safe against a backdrop of more persistent and diverse threats which increasingly target applications, bypassing traditional security.
It needs to modernise its approach and focus on protection from the inside out. This means investing more than the 10% of IT budget on security that it currently sets aside.”
“Its leaders are clearly saying two things – that the risk of data breach will have a significant negative impact on patients and the UK as a whole, and that they need more support, investment and skills in remaining secure. A huge part of this is introducing a ‘People, Process and Technology’ approach to security, ensuring that as well as having the right technology in place, people receive the right training and education to help tackle the threat.”
Unpatched Systems
David Houlding, the director of healthcare privacy and security at Intel, said it is time for data protection to be taken far more seriously in the workplace.
“Cybercriminals today are taking advantage of unpatched systems and unwitting employees with ransomware and phishing attacks, resulting in a record number of breaches worldwide,” he said.
“It is now more important than ever to comply with data protection laws and security standards, know the security posture of your organisation relative to the industry and proactively remediate gaps to actively address security issues.”
Awareness of the growing danger of cyber attacks has reached the point that several talks and seminars on the issue were held at the UK Health Show in Olympia, London on September 27. Mike Hulett, the head of operations at the National Crime Agency’s cyber crime unit discussed the lessons that public services could learn from the WannaCry attack.
There is an increasing recognition that cyber security is still a small and fledgling branch of healthcare that needs funding and expertise to grow into an essential force capable of adapting to the threats created by new technology.
by Stewart Vickers
The post NHS: Cyber Attacks Now Threaten Patients appeared first on Felix Magazine.
No comments:
Post a Comment