Fears over the cyber threat facing healthcare organisations in the UK deepened this week with the startling revelation that an NHS trust was hit by more than 150 online attacks in a five-year period.
We spend a lot of time and resources on ensuring our IT systems are safe
A Freedom of Information (FOI) request by BBC News found that 147 attacks were reported at University Hospitals of Morecambe Bay NHS Trust (UHMBT), which runs hospitals in Barrow, Kendal, Morecambe, and Lancaster.
The trust said it had spent £29,600 in 2017 dealing with the effects of cyber attacks.
And the ‘vast majority’ were ‘untargeted and unsuccessful’, it added.
Speaking to the BBC, Lee Coward, the trust's head of information technology, said its ‘very-rigorous reporting’ process means it was possible it had reported ‘higher volumes of identified cyber attacks than other organisations’.
"We spend a lot of time and resources on ensuring our IT systems are safe," he added.
But University of Cumbria senior lecturer in policing and criminology, Iain Stainton, described the number of attacks on UHMBT as ‘extraordinary’.
The National Cyber Security Centre average was 10 per week across the UK, he added.
More-progressive organisations recognise that swift and accurate detection and response to cyber attacks that evade defensive controls is critical
In 2017, emergency patients had to be transferred from Whitehaven to Carlisle because hackers demanding ransom money had locked NHS staff out of computer systems.
And Copeland Borough Council spent £2m recovering from an attack later the same year, it said.
Independent elected mayor, Mike Starkie, said the effect on the council had been ‘devastating’.
"We had 60 anti-virus systems running and only three of those actually detected that there was anything in the system,” he revealed.
"None of them picked up actually what it was."
Speaking to BBH following the report, Matt Walmsley, EMEA director at Vectra, said: “The fact that the University Hospitals of Morecambe Bay NHS Trust has reported a significantly-high number of cyber attacks than the comparative average for county councils and NHS trusts shouldn’t necessarily ring alarm bells as you can only report what you see and record.
“All defences are imperfect, and many organisations still have a bias towards focusing on the blocking of inbound attacks, but remain blind to those attacks which can, and will, get through.
All defences are imperfect, and many organisations still have a bias towards focusing on the blocking of inbound attacks, but remain blind to those attacks which can, and will, get through
“More-progressive organisations recognise that swift and accurate detection and response to cyber attacks that evade defensive controls is critical.”
And he added: “Slowing down attackers is only part of the story, we also need to speed up the defenders.
“Network traffic analysis is a key component of network threat detection and responses which enables organisations to detect threats that have managed to evade their prevention security tools.”
