Categories: SecurityWorkspace

Study: NHS ‘Remains Vulnerable’ To WannaCry-Style Cyber-Attacks

Researchers at Imperial College London have said that the NHS remains vulnerable to cyber-threats such as WannaCry, and called on it to take “urgent steps” to improve security.

The global WannaCry ransomware attack in May 2017 disrupted operations at around 34 NHS trusts, preventing staff from accessing patient data and carrying out critical services.

It is estimated to have cost the NHS around £92m in total, and in response the Department of Health and Social Care announced it would spend £150 million over the next three years to improve security.

The recently announced NHSX unit, which is overseeing digital transformation, is also tasked with clarifying security operations.


But these measures, while important, do not go far enough and the NHS remains vulnerable due to out-dated computer systems, a continued lack of investment and a deficit of skills and awareness in cyber-security, researchers from Imperial College London’s Institute of Global Health Innovation said in a white paper presented last week in the House of Lords.

They said more investment is needed and recommended key measures including employing cyber security professionals in IT teams, building “fire-breaks” into systems to allow for the isolation of certain segments of the structure in the event of an attack or virus infection, and instituting clear communications systems to that staff know where to get help and advice on cyber security.

New technologies are being used in health systems, including robotics, artificial intelligence, implantable medical devices and personalised medicines based on a patient’s genes, and the report’s authors said security must be designed into these technologies from the beginning.

“For the safety of patients, it is critical to ensure that the data, devices and systems that uphold our NHS and therefore our nation’s health are secure,” said Professor the Lord Ara Darzi, co-director of the IGHI and lead author of the study.

‘Looming threat’

“This report highlights weaknesses that compromise patient safety and the integrity of health systems, so we are calling for greater investment in research to learn how we can better mitigate against the looming threats of cyber-attacks.”

Co-author Dr Saira Ghafur said awareness of cyber-attacks has increased since WannaCry, but that further initiatives were needed.

“Addressing the issue of cyber security will take time, as we need a shift in culture, awareness and infrastructure,” Ghafur said.

NHSX said the NHS was “determined” to keep its systems safe from cyber-attacks.

“There is still much to do, which is why an extra £150m is boosting hospital defences alongside a national deal on Microsoft licences,” the organisatio said in a statement.

“NHSX will be setting national strategy and mandating cyber security standards so that local NHS and social care systems have security designed in from the start.”

Matthew Broersma

Matt Broersma is a long standing tech freelance, who has worked for Ziff-Davis, ZDnet and other leading publications

Recent Posts

OpenAI, Broadcom In Talks Over Development Of AI Chip – Report

Rebelling against Nividia? OpenAI is again reportedly exploring the possibility of developing its own AI…

2 days ago

Microsoft Outage Impacts Airlines, Media, Banks & Businesses Globally

IT outage causes major disruptions around the world, after Crowdstrike update allegedly triggers Microsoft outages

2 days ago

GenAI Integration Efforts Hampered By Costs, SnapLogic Finds

Hefty investment. SnapLogic research finds UK businesses are setting aside three-quarters of their IT budgets…

3 days ago

Meta Refuses EU Release Of Multimodal Llama AI Model

Mark Zuckerberg firm says European regulatory environment too ‘unpredictable’, so will not release multimodal Llama…

3 days ago

Synchron Announces Brain Interface Chat Powered by OpenAI

Brain implant firm Synchron offers AI-driven emotion and language predictions for users, powered by OpenAI's…

3 days ago