In May 2017, a global ransomware attack known as WannaCry affected hundreds of thousands of computers around the world – including those belonging to the NHS, which saw 80 of out 236 trusts across England compromised. Four years on, the healthcare sector remains the top target for cyberattacks.
Cybersecurity experts at IT managed service provider Infuse Technology have warned that cybercriminals could cause “irreversible damage” if the healthcare sector does not implement and maintain cybersecurity measures.
Attacks from cybercriminals surged during the pandemic, with the National Cyber Security Centre (NCSC) reporting that it defended the UK health sector from an average of 60 attacks per month between September 2019 and August 2020. The NCSC prevented a total of 723 incidents during this period – a 10% increase on the previous year – with around 200 of the attacks related to Covid-19.
The wealth of sensitive data that healthcare providers possess makes them an attractive target for cybercriminals looking to make money from ransom payments or fraud. Infuse said the wider consequences of attacks by hackers are the adverse impact on patient care outcomes and long-term damage to the healthcare industry, including the high cost of recovering from cyberattacks and a decline in patient trust and safety.
Just last month, the Republic of Ireland’s health service experienced a “catastrophic” attack in which its IT systems were hacked and large numbers of patient records were accessed.
Infuse managing director Paul Howard commented: “The recent attack on the Republic of Ireland’s health service serves as a stark reminder to all organisations within the sector of the importance of implementing cybersecure practices as a priority.
“By correctly training staff and taking collective measures to implement preventative measures such as regular auditing of cybersecurity policies and protocols, healthcare providers can take the necessary steps to protect themselves from digital security threats, and thwart the attempts of exploitative cybercriminals.”