NHS Boosts Cybersecurity With Ethical Hackers, Real Time Monitoring & SMS Alerts

The NHS hopes a new £20 million cybersecurity team will identify potential weaknesses in its IT infrastructure so pre-emptive steps can be taken to protect patient data from attacks.

The new unit will use ethical hackers to spot the vulnerabilities while also monitoring the web for threats that could be used to stage assaults such as the WannaCry ransomware attack that wreaked havoc across the NHS in May.

There are also plans for a national real time monitoring and alert service for the NHS. The idea is that by pooling information and using a central repository, individual organisations such as trusts won’t have to rely on their own devices.

NHS cybersecurity

“The partnership will provide access to extra specialist resources during peak periods and enable the team to proactively monitor the web for security threats and emerging vulnerabilities,” NHS Digital is quoted as saying in The Times.

“It will also allow us to improve our capabilities in ethical hacking, vulnerability testing and the forensic analysis of malicious software and will improve our ability to anticipate future vulnerabilities while supporting health and care in remediating known threats.”

WannaCry caused disruption at least 34 percent of trusts in England (at least 81 out of 236), with data at 600 GP practices locked by the malware. More than 19,500 appointments were cancelled and five hospitals were forced to divert ambulances elsewhere.

A report from the National Audit Office claimed the attack was entirely preventable if the NHS had followed “basic IT security” protocols.

Meanwhile, NHS organisations will receive SMS alerts for cyber incidents from CareCERT, which provides guidelines and response details for cyberattacks to the NHS. The alerts will be sent using Gov.UK Notify and wil include input from the National Cyber Security Centre (NCSC).

“Finding a secure way to communicate nationally with NHS organisations during a major incident was a priority for us following the WannaCry incident in May,” said Toby Griffiths, Innovation & Development Lead at the Data Security Centre.

“SMS was identified as an appropriate solution following feedback from users affected by WannaCry, as it offers an additional level of resilience beyond the standard channels used for sharing CareCERT updates.

“We want to take that a step further by building a professional network across the NHS through online collaboration. The NCSC forum allows us to share information securely that we might not otherwise be able to share.”

Quiz: The triumph and the tragedy of public sector IT

Steve McCaskill

Steve McCaskill is editor of TechWeekEurope and ChannelBiz. He joined as a reporter in 2011 and covers all areas of IT, with a particular interest in telecommunications, mobile and networking, along with sports technology.

Recent Posts

Google Fiber Plans US Network Expansion – Report

Google Fiber resurfaces. Network to be expanded to offer speedy internet connectivity to cities in…

9 hours ago

Samsung Unveils Two New Folding Smartphones

Foldable updates from Samsung. include new versions of its pocket sized square (Galaxy Z Flip…

9 hours ago

Elon Musk Sells Tesla Shares Worth $6.9 Billion

Tesla CEO Elon Musk admits he could need the funds if he loses legal showdown…

11 hours ago

Facebook At Centre Of US Teenager Home Abortion Case

Court documents show Facebook provided police in the US state of Nebraska with a teenager's…

12 hours ago

President Biden Signs $53 Billion US Chips Act

President Joe Biden signs landmark bill to encourage chip makers to build more semiconductor manufacturing…

14 hours ago

WhatsApp Update To Allow Users To Leave Groups Silently

Privacy changes to WhatsApp. No more blanket notifications to a group if a user decides…

15 hours ago