The NHS hopes a new £20 million cybersecurity team will identify potential weaknesses in its IT infrastructure so pre-emptive steps can be taken to protect patient data from attacks.
The new unit will use ethical hackers to spot the vulnerabilities while also monitoring the web for threats that could be used to stage assaults such as the WannaCry ransomware attack that wreaked havoc across the NHS in May.
There are also plans for a national real time monitoring and alert service for the NHS. The idea is that by pooling information and using a central repository, individual organisations such as trusts won’t have to rely on their own devices.
“The partnership will provide access to extra specialist resources during peak periods and enable the team to proactively monitor the web for security threats and emerging vulnerabilities,” NHS Digital is quoted as saying in The Times.
“It will also allow us to improve our capabilities in ethical hacking, vulnerability testing and the forensic analysis of malicious software and will improve our ability to anticipate future vulnerabilities while supporting health and care in remediating known threats.”
WannaCry caused disruption at least 34 percent of trusts in England (at least 81 out of 236), with data at 600 GP practices locked by the malware. More than 19,500 appointments were cancelled and five hospitals were forced to divert ambulances elsewhere.
A report from the National Audit Office claimed the attack was entirely preventable if the NHS had followed “basic IT security” protocols.
Meanwhile, NHS organisations will receive SMS alerts for cyber incidents from CareCERT, which provides guidelines and response details for cyberattacks to the NHS. The alerts will be sent using Gov.UK Notify and wil include input from the National Cyber Security Centre (NCSC).
“Finding a secure way to communicate nationally with NHS organisations during a major incident was a priority for us following the WannaCry incident in May,” said Toby Griffiths, Innovation & Development Lead at the Data Security Centre.
“SMS was identified as an appropriate solution following feedback from users affected by WannaCry, as it offers an additional level of resilience beyond the standard channels used for sharing CareCERT updates.
“We want to take that a step further by building a professional network across the NHS through online collaboration. The NCSC forum allows us to share information securely that we might not otherwise be able to share.”
Welcome to Silicon UK: AI for Your Business Podcast. Today, we explore how AI can…
Japanese tech investment firm SoftBank promises to invest $100bn during Trump's second term to create…
Synopsys to work with start-up SiMa.ai on joint offering to help accelerate development of AI…
Start-up Basis raises $34m in Series A funding round for AI-powered accountancy agent to make…
Data analytics and AI start-up Databricks completes huge $10bn round from major venture capitalists as…
Congo files legal complaints against Apple in France, Belgium alleging company 'complicit' in laundering conflict…