NHS Boosts Cybersecurity With Ethical Hackers, Real Time Monitoring & SMS Alerts

The NHS hopes a new £20 million cybersecurity team will identify potential weaknesses in its IT infrastructure so pre-emptive steps can be taken to protect patient data from attacks.

The new unit will use ethical hackers to spot the vulnerabilities while also monitoring the web for threats that could be used to stage assaults such as the WannaCry ransomware attack that wreaked havoc across the NHS in May.

There are also plans for a national real time monitoring and alert service for the NHS. The idea is that by pooling information and using a central repository, individual organisations such as trusts won’t have to rely on their own devices.

NHS cybersecurity

“The partnership will provide access to extra specialist resources during peak periods and enable the team to proactively monitor the web for security threats and emerging vulnerabilities,” NHS Digital is quoted as saying in The Times.

“It will also allow us to improve our capabilities in ethical hacking, vulnerability testing and the forensic analysis of malicious software and will improve our ability to anticipate future vulnerabilities while supporting health and care in remediating known threats.”

WannaCry caused disruption at least 34 percent of trusts in England (at least 81 out of 236), with data at 600 GP practices locked by the malware. More than 19,500 appointments were cancelled and five hospitals were forced to divert ambulances elsewhere.

A report from the National Audit Office claimed the attack was entirely preventable if the NHS had followed “basic IT security” protocols.

Meanwhile, NHS organisations will receive SMS alerts for cyber incidents from CareCERT, which provides guidelines and response details for cyberattacks to the NHS. The alerts will be sent using Gov.UK Notify and wil include input from the National Cyber Security Centre (NCSC).

“Finding a secure way to communicate nationally with NHS organisations during a major incident was a priority for us following the WannaCry incident in May,” said Toby Griffiths, Innovation & Development Lead at the Data Security Centre.

“SMS was identified as an appropriate solution following feedback from users affected by WannaCry, as it offers an additional level of resilience beyond the standard channels used for sharing CareCERT updates.

“We want to take that a step further by building a professional network across the NHS through online collaboration. The NCSC forum allows us to share information securely that we might not otherwise be able to share.”

Quiz: The triumph and the tragedy of public sector IT

Steve McCaskill

Steve McCaskill is editor of TechWeekEurope and ChannelBiz. He joined as a reporter in 2011 and covers all areas of IT, with a particular interest in telecommunications, mobile and networking, along with sports technology.

Recent Posts

SoftBank Promises To Invest $100bn In US

Japanese tech investment firm SoftBank promises to invest $100bn during Trump's second term to create…

19 hours ago

Synopsys, SiMa.ai To Collaborate On AI Car Chips

Synopsys to work with start-up SiMa.ai on joint offering to help accelerate development of AI…

20 hours ago

AI Start-Up Basis Raises $34m For Accountancy Agent

Start-up Basis raises $34m in Series A funding round for AI-powered accountancy agent to make…

20 hours ago

Databricks Raises $10bn In Huge AI Funding Round

Data analytics and AI start-up Databricks completes huge $10bn round from major venture capitalists as…

21 hours ago

Congo Files Complaints Against Apple Over Conflict Minerals

Congo files legal complaints against Apple in France, Belgium alleging company 'complicit' in laundering conflict…

21 hours ago