The UK’s National Health Service (NHS) is at risk of even more devastating cyberattacks as parts of its IT infrastructure become outdated.
Professor Ciaran Martin, the first CEO of the National Cyber Security Centre (NCSC), warned about the state of the NHS following a major cyber attack that hit the organisation in June 2024.
In total, more than 6,000 appointments and procedures were postponed across London due to the attack. In addition, pathology services provider Synnovis was hit by a ransomware attack on 3 June, resulting in hundreds of gigabytes of sensitive patient data being leaked online.
A call to arms
The ransomware attack left Professor Martin “shocked, but not entirely surprised,” he told the BBC: “Ransomware attacks on healthcare are a major global problem. “In parts of the NHS environment, it’s quite clear that some of the IT is outdated.”
In addition to outdated technology, the inability to properly identify vulnerabilities and the lack of basic security measures were the biggest problems for the NHS, he said.
“The attack targeted NHS hospitals in London, disrupting services and compromising sensitive patient data,” said Adam Button, Field CTO at Elastic. “The widespread disruption forced hospitals to revert to manual operations and postpone non-urgent procedures. This incident underscores the critical importance of robust cybersecurity protocols in protecting essential healthcare services and safeguarding patient data.”
“As the impact continues, this is a wake-up call for all healthcare providers to strengthen their defenses. Tools that can index, search, and analyze large amounts of data in real time are invaluable in detecting and responding to cyber threats.”
Button added that the board cannot be the only one aware of the “real threats” and the solutions that exist. Awareness must be spread nationwide.
“Properly equipping businesses on the frontline of what many see as an ongoing cyber war is paramount to the UK’s cyber resilience and national security,” he concluded.
Through Evening standard