NHS Boosts Cybersecurity With Ethical Hackers, Real Time Monitoring & SMS Alerts

The NHS hopes a new £20 million cybersecurity team will identify potential weaknesses in its IT infrastructure so pre-emptive steps can be taken to protect patient data from attacks.

The new unit will use ethical hackers to spot the vulnerabilities while also monitoring the web for threats that could be used to stage assaults such as the WannaCry ransomware attack that wreaked havoc across the NHS in May.

There are also plans for a national real time monitoring and alert service for the NHS. The idea is that by pooling information and using a central repository, individual organisations such as trusts won’t have to rely on their own devices.

NHS cybersecurity

“The partnership will provide access to extra specialist resources during peak periods and enable the team to proactively monitor the web for security threats and emerging vulnerabilities,” NHS Digital is quoted as saying in The Times.

“It will also allow us to improve our capabilities in ethical hacking, vulnerability testing and the forensic analysis of malicious software and will improve our ability to anticipate future vulnerabilities while supporting health and care in remediating known threats.”

WannaCry caused disruption at least 34 percent of trusts in England (at least 81 out of 236), with data at 600 GP practices locked by the malware. More than 19,500 appointments were cancelled and five hospitals were forced to divert ambulances elsewhere.

A report from the National Audit Office claimed the attack was entirely preventable if the NHS had followed “basic IT security” protocols.

Meanwhile, NHS organisations will receive SMS alerts for cyber incidents from CareCERT, which provides guidelines and response details for cyberattacks to the NHS. The alerts will be sent using Gov.UK Notify and wil include input from the National Cyber Security Centre (NCSC).

“Finding a secure way to communicate nationally with NHS organisations during a major incident was a priority for us following the WannaCry incident in May,” said Toby Griffiths, Innovation & Development Lead at the Data Security Centre.

“SMS was identified as an appropriate solution following feedback from users affected by WannaCry, as it offers an additional level of resilience beyond the standard channels used for sharing CareCERT updates.

“We want to take that a step further by building a professional network across the NHS through online collaboration. The NCSC forum allows us to share information securely that we might not otherwise be able to share.”

Quiz: The triumph and the tragedy of public sector IT

Steve McCaskill

Steve McCaskill is editor of TechWeekEurope and ChannelBiz. He joined as a reporter in 2011 and covers all areas of IT, with a particular interest in telecommunications, mobile and networking, along with sports technology.

Recent Posts

Kaspersky To Shutter US Operation After National Security Ban

Russian cybersecurity giant Kaspersky is to close down all of its operations in the United…

10 mins ago

Microsoft Faces UK Probe Over Inflection Staff Hiring

Poaching staff? UK's CMA regulator confirms phase one investigation of Microsoft's “hiring” of former Inflection…

3 hours ago

Elon Musk To Relocate SpaceX, X HQ To Texas

Leaving California. Elon Musk protests new gender-identity law, says he will move headquarters of SpaceX…

4 hours ago

Hackers ‘Publish Walt Disney Internal Slack Data’

Hackers reportedly publish data from thousands of Disney internal Slack communications, including data on strategy…

1 day ago

Apple Shares Reach All-Time High On AI Optimism

Apple shares surge after Morgan Stanley rates company 'top pick' over AI plans and says…

1 day ago

Musk Confirms Robotaxi Delay For Design Change

Elon Musk confirms delay of Tesla robotaxi launch as company's shares surge after he publicly…

1 day ago