Supporting British Healthcare Cybersecurity During COVID-19

The current crisis is an opportunity for the UK government to show agility in how it deals with cyber threats and how it cooperates with the private sector in creating cyber resilience.  By Joyce Hakmeh
 
The World Health Organization, US Department of Health and Human Services, and hospitals in Spain, France and the Czech Republic have all suffered cyberattacks during the ongoing COVID-19 crisis.

In the Czech Republic, a successful attack targeted a hospital with one of the country’s biggest COVID-19 testing laboratories, forcing its entire IT network to shut down, urgent surgical operations to be rescheduled, and patients to be moved to nearby hospitals. The attack also delayed dozens of COVID-19 test results and affected the hospital’s data transfer and storage, affecting the healthcare the hospital could provide.

In the UK, the National Health Service (NHS) is already in crisis mode, focused on providing beds and ventilators to respond to one of the largest peacetime threats ever faced. But supporting the health sector goes beyond increasing human resources and equipment capacity.

Health Services Ill-Prepared
Cybersecurity support, both at organizational and individual level, is critical so health professionals can carry on saving lives, safely and securely. Yet this support is currently missing and the health services may be ill-prepared to deal with the aftermath of potential cyberattacks.

When the NHS was hit by the Wannacry ransomware attack in 2017 - one of the largest cyberattacks the UK has witnessed to date – it caused massive disruption, with at least 80 of the 236 trusts across England affected and thousands of appointments and operations cancelled. Fortunately, a ‘kill-switch’ activated by a cybersecurity researcher quickly brought it to a halt.

But the UK’s National Cyber Security Centre (NCSC), has been warning for some time against a cyber attack targeting national critical infrastructure sectors, including the health sector. A similar attack, known as category one (C1) attack, could cripple the UK with devastating consequences. It could happen and we should be prepared.

Although the NHS has taken measures since Wannacry to improve cybersecurity, its enormous IT networks, legacy equipment and the overlap between the operational and information technology (OT/IT) does mean mitigating current potential threats are beyond its ability.

The threats have radically increased. More NHS staff with access to critical systems and patient health records are increasingly working remotely.

The NHS has also extended its physical presence with new premises, such as the Nightingale hospital, potentially the largest temporary hospital in the world.

Radical change frequently means proper cybersecurity protocols are not put in place. Even existing cybersecurity processes had to be side-stepped because of the outbreak, such as the decision by NHS Digital to delay its annual cybersecurity audit until September. During this audit, health and care organizations submit data security and protection toolkits to regulators setting out their cybersecurity and cyber resilience levels.

The decision to delay was made to allow the NHS organizations to focus capacity on responding to COVID-19, but cybersecurity was highlighted as a high risk, and the importance of NHS and Social Care remaining resilient to cyberattacks was stressed.

The NHS is stretched to breaking point. Expecting it to be on top of its cybersecurity during these exceptionally challenging times is unrealistic, and could actually add to the existing risk.

Now is the time where new partnerships and support models should be emerging to support the NHS and help build its resilience. Now is the time where innovative public-private partnerships on cybersecurity should be formed.

Similar to the economic package from the UK chancellor and innovative thinking on ventilator production, the government should oversee a scheme calling on the large cybersecurity capacity within the private sector to step in and assist the NHS. This support can be delivered in many different ways, but it must be mobilized swiftly.

The NCSC for instance has led the formation of the Cyber Security Information Sharing Partnership (CiSP)— a joint industry and UK government initiative to exchange cyber threat information confidentially in real time with the aim of reducing the impact of cyberattacks on UK businesses.

CiSP comprises organizations vetted by NCSC which go through a membership process before being able to join. These members could conduct cybersecurity assessment and penetration testing for NHS organizations, retrospectively assisting in implementing key security controls which may have been overlooked.

They can also help by making sure NHS remote access systems are fully patched and advising on sensible security systems and approved solutions. They can identify critical OT and legacy systems and advise on their security.

The British National Cyber security Centre (NCSC) should continue working with the NHS to enhance provision of public comprehensive guidance on cyber defence and response to potential attack. This would show they are on top of the situation, projecting confidence and reassurance.

It is often said in every crisis lies an opportunity. This is an opportunity for the UK government to show agility in how it deals with cyber threats and how it cooperates with the private sector in creating cyber resilience.  It is an opportunity to lead a much-needed cultural change showing cybersecurity should never be an afterthought.

____________________________________

Joyce Hakmeh is Senior Research Fellow, International Security Programme and Co-Editor, Journal of Cyber Policy at Chatham House.

You Might Also Read:

Cyber Breaches Will Kill:

IoT – Pandemics, Opportunities And Massive Data Risks:

 

 

« The Risks Of Remote Working
New Cyber Security Jobs »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Cyber Security Supplier Directory

Cyber Security Supplier Directory

Our Supplier Directory lists 6,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

Lantronix

Lantronix

Lantronix is a global provider of secure data access and management solutions for Internet of Things (IoT) and information technology assets.

ACI Solutions

ACI Solutions

ACI Solutions is a managed IT services and network security provider working with diverse global commercial, government and public sector clients.

Roke Manor Research

Roke Manor Research

Roke is a world-class electronics engineering consultancy. Areas of expertise include cyber security, cyber assurance and cryptographic solutions.

Careers in Cyber Security (CiCS)

Careers in Cyber Security (CiCS)

CareersinCyberSecurity is a leading global job board and career resource for Cyber Security, IT Audit, Technology Risk and Data Protection professionals.

SafeLogic

SafeLogic

SafeLogic provides strong encryption products for solutions in mobile, server, Cloud, appliance, wearable, and IoT environments that are pursuing compliance to strict regulatory requirements.

Netsecurity AS

Netsecurity AS

Netsecurity is a Norwegian owned company focused and specialised within IT security and cybersecurity-as-a service.

Beosin

Beosin

Beosin is a blockchain security company providing cybersecurity services including security audits, on-chain asset investigation, threat intelligence and wallet security.

Perimeter 81

Perimeter 81

Perimeter 81 is a Zero Trust Network as a Service designed to simplify secure network, cloud and application access for the modern and distributed workforce.

Safetech Innovations

Safetech Innovations

Safetech Innovations is a team of cyber security experts, always at your service. We use human and cyber intelligence to help your business in uncertain times.

Porto Research, Technology & Innovation Center (PORTIC)

Porto Research, Technology & Innovation Center (PORTIC)

PORTIC brings together several research centers and groups from P.PORTO in a single space, forming a superstructure dedicated to research, technology transfer, innovation and entrepreneurship.

Intracom Telecom

Intracom Telecom

Intracom Telecom is a global telecommunication systems & solutions vendor offering a complete range of professional services and solutions including Information Security.

Cranium

Cranium

AI is being implemented into every business process, but nobody knows whether their AI is secure. Our mission is to deliver security and trust to the AI revolution.

Exacom

Exacom

Exacom is a leading provider of multimedia logging/recording solutions across public safety, government, DoD, energy, utilities, transportation, and security applications.

Merlin Ventures

Merlin Ventures

Merlin Ventures is a strategic investor focused on driving growth and value for cybersecurity software companies with market-leading potential.

Infosec Ventures

Infosec Ventures

Infosec Ventures incubates and scales cyber security innovators that solve inefficiencies in cyber security.

MIND

MIND

MIND is the first-ever data security platform that puts data loss prevention and insider risk management programs on autopilot, so you can automatically identify, detect and prevent data leaks.