The Healthcare industry has featured in the top 5 industries attacked by cyber criminals for a number of years now.
The recent WannaCry ransomware attack across the globe that affected many health trusts across England and Scotland has brought the health impact of the cyber threat to the forefront of media and political debate in the run up to the 2017 General Election. So why would anyone want to attack healthcare and what are the threats?
2016 was a very difficult year for healthcare when it came to cyber-attacks and developing cyber threats. According to the TrapX Security 2016 Healthcare Cyber Breach Research report, “the nature of the threat continues to diversify into a greater variety of complex attacks promoted by sophisticated and persistent human attackers.
These attacks against hospitals and medical organisations are still driven by the lucrative economic rewards for organised crime. Medical records are among the most complete set of records available and, hence, are in demand for a variety of reasons.
In October 2016, Ben Gummer, now the ex-Minister for the Cabinet Office and Paymaster General warned that the NHS was at risk of cyber-attacks, saying that “hacking is "no longer the stuff of spy thrillers and action movies" but a clear and present threat and large quantities of sensitive data held by the NHS and the Government is being targeted by hackers.”
In January 2017 Barts Health Trust warn its staff that the trust’s four hospitals in East London: The Royal London, St Bartholomew’s, Whipps Cross and Newham were experiencing a “ransomware virus attack.” This came after similar attacks on Northern Lincolnshire and Goole Foundation trust in the previous October.
A recent report on the Deep Web black market for electronic health records (EHRs) by researchers affiliated with the Institute for Critical Infrastructure Technology pointed out that “healthcare systems are relentlessly and incessantly attacked by different types of attackers.