Support 100 years of independent journalism.

Advertorial feature by Sophos
  1. Spotlight
17 March 2021updated 08 Sep 2021 8:25am

Hackers are chasing quick bucks by attacking a Covid-stretched NHS

Rapid expansion and ageing infrastructure has left NHS trusts and hospitals vulnerable to cyber criminals.

By Jonathan Lee

As we pass the one-year anniversary of lockdown, it is important that we reflect, not only upon our own personal sacrifices but also on the valiant efforts made by NHS staff across the UK, who in the past 12 months have worked tirelessly in the face of the almost overwhelming pressure placed on our healthcare facilities by Covid-19. However, Covid-19 was not the only virus hospitals have needed to worry about during this ordeal.

Before the pandemic, hospitals were still considered lucrative targets by cyber criminal gangs trying to snatch sensitive data or encrypt vital systems in exchange for money. However, the arrival of Covid-19 made things much worse, with heinous cyber criminals leveraging the pressures of the pandemic to target already-stretched hospitals, thinking they would be the most likely victims to cough up. Not only does this create chaos for understaffed facilities, it could also lead to fatal consequences for any seriously ill patients needing urgent treatment. For example, 2020 saw the first potential death caused by ransomware after a German hospital was attacked, forcing an ambulance carrying an elderly patient to travel nearly 40 miles to the next nearest hospital, a trip the patient didn’t survive, unfortunately. 

Ransomware gangs are not new, so our hospitals should be well equipped to deal with them. The only issue is, some are not.

Although hospital IT teams are also working hard to keep their networks secure, the rapid digital transformation we have seen across some areas of the NHS, spurred on by the pandemic, has almost certainly left cracks in the wall, creating new vectors for cyber gangs to exploit. And despite promising to not target vital healthcare facilities during the pandemic, ransomware gangs were quick to break that promise in search of a fast buck. 

The main issue here is that many of our hospitals rely on antiquated technologies and inadequate defences to fend off ever-evolving cyber criminals who work around the clock. In addition, finding and training the team of experts to take on this fight requires investment, which many NHS trusts simply cannot afford.   

Sign up for The New Statesman’s newsletters Tick the boxes of the newsletters you would like to receive. Quick and essential guide to domestic and global politics from the New Statesman's politics team. The New Statesman’s global affairs newsletter, every Monday and Friday. The best of the New Statesman, delivered to your inbox every weekday morning. A handy, three-minute glance at the week ahead in companies, markets, regulation and investment, landing in your inbox every Monday morning. Our weekly culture newsletter – from books and art to pop culture and memes – sent every Friday. A weekly round-up of some of the best articles featured in the most recent issue of the New Statesman, sent each Saturday. A weekly dig into the New Statesman’s archive of over 100 years of stellar and influential journalism, sent each Wednesday. Sign up to receive information regarding NS events, subscription offers & product updates.
I consent to New Statesman Media Group collecting my details provided via this form in accordance with the Privacy Policy

Every second counts during an attack, which is why organisations need to be focusing not only on having the technology in place, but also on having services that can provide support. MTR (managed threat response) services, such as Sophos MTR, means health organisations are becoming more proactive in the fight against cyber criminals. Sophos threat hunters are able to proactively take action on an organisation’s behalf to mitigate threats in real time, allowing trusts to be one step ahead.   

In addition, trusts should also be aware of the fail-safe option in case a breach does occur, as it is imperative that hackers are prevented from reaching their goal in as little time as possible. Sophos recently launched its Rapid Response service, which is a 24/7 team of remote incident response and threat analysts who could be neutralising active threats within hours. 

If we really want to ensure our healthcare system does not suffer the same fate it did during the WannaCry era, it is time for the NHS to get ahead and take a more proactive approach to cyber security. While the end of lockdown is in sight, the fight to keep patients safe is still ongoing, and that starts from the moment their data is registered, not when they hit the wards. 

Jonathan Lee is director of public sector relations at Sophos

Topics in this article: