As reported by BBC News, leading cybersecurity expert Prof Ciaran Martin urges urgent updates to NHS computer systems to prevent future cyber-attacks
This stark assessment comes in the wake of a major ransomware attack that has severely disrupted healthcare services across London.
Prof Ciaran Martin, the founding CEO of the UK’s National Cyber Security Centre (NCSC), told the BBC: “I was horrified, but not completely surprised. Ransomware attacks on healthcare are a major global problem.”
NHS England said it was increasing its cybersecurity resilience and had invested £338m in the past seven years addressing this issue.
But Prof Martin’s warnings suggest more urgent action may be needed.
A recent British Medical Association report, external highlighted the NHS’s ageing IT infrastructure, revealing that doctors waste 13.5 million hours annually due to outdated systems – equivalent to 8,000 full-time medics’ time.
The 3 June cyber-attack, which Prof Martin described as one of the most serious in British history, targeted Synnovis, a pathology testing organisation, severely affecting services including at Guy’s, St Thomas’, King’s College and Evelina London Children’s Hospitals.
NHS England declared it a regional incident, resulting in 4,913 acute outpatient appointments and 1,391 operations postponed and major data security concerns.
The Russian-based hacking group Qilin, believed to be part of a Kremlin-protected cyber army, demanded a £40m ransom. When the NHS refused to pay, the group published stolen data on the dark web.
This incident reflects a growing trend of Russian cyber criminals targeting global healthcare systems.
Now a professor at the University of Oxford, Prof Martin highlighted three critical issues facing NHS cybersecurity: outdated IT systems, the need to identify vulnerable points, and the importance of basic security practices.
He warned: “In parts of the NHS estate, it’s quite clear that some of the IT is out of date.”
He stressed the importance of identifying “single points of failure” in the system and implementing better backups.
Prof Martin also emphasised that improving basic security measures could significantly hinder attackers, stating: “Those little things make the point of entry quite a lot harder for the thugs to get in.”
Emphasising the severity of the recent attack, he concluded: “It was obvious that this was going to be one of the most serious cyber incidents in British history because of the disruption to healthcare.”
Adverse events should be reported. Reporting forms and information can be found at yellowcard.mhra.gov.uk. Adverse events relating to CSL Seqirus products should also be reported to Seqirus UK Limited on 01748 828816.
1. Seqirus Data on File, August 2023. SREF–17994. 2. Adjuvanted Trivalent Influenza Vaccine (surface antigen, inactivated)▼ Summary of Product Characteristics. 3. Cell-based Trivalent Influenza Vaccine (surface antigen, inactivated)▼ Summary of Product Characteristics.
Be the first to comment