NHS trust cyber attack investigated

A cyber attack on England’s largest NHS trust has underlined the importance of cyber security at healthcare organisations and has raised renewed fears about NHS legacy IT systems.

England’s largest NHS trust has launched an investigation into a cyber attack that forced systems to be taken offline briefly as a precautionary measure.

Initial reports on 13 January said Barts Health Trust, which runs five hospitals in east London and serves over 2.5 million people, had been hit by a ransomware attack.

However, the trust subsequently told the BBC that it had not been hit by malware that encrypts files, and that patient data was not accessed by the attackers.

Investigators are now working to determine the nature of the attack and what systems were affected at the trust.

In October 2016, three hospitals run by the Lincolnshire and Goole Foundation Trust were forced to cancel patient appointments and shut down systems for repairs after a ransomware attack.

The affected systems were reportedly restored without paying any ransom to cyber attackers.

The latest cyber attack on an NHS trust underlines the threat to healthcare organisations and has raised concerns that many NHS trusts still rely on legacy IT systems that are vulnerable to attack.

Recent Freedom of Information requests from 97 NHS trusts have revealed that the annual spend on cyber security for a single trust was just over £23,000 and that 45 trusts were “unable to specify” their cyber security budgets. Seven said they had spent nothing.

Additionally, in response to a Freedom of Information request by NCC Group in 2016, 47% of NHS trusts in England admitted they had been targeted, just one trust said it had never been targeted, and the rest refused to comment on the grounds of patient confidentiality.

Another survey, by security company Sophos, found that 75% of NHS organisations believed they were “protected against cyber crime”, and 84% said encryption was becoming a necessity. However, only 10% said encryption was “well established within the organisation”.

In November 2016, a Sky News investigation claimed that seven NHS trusts serving more than two million people had failed to spend any money on cyber security protection in the previous year.

The investigation reportedly found misconfigured email servers and outdated software and security certificates. Researchers also uncovered NHS trusts’ emails and passwords.

The International Business Times has subsequently reported that the cyber attack was caused by Trojan malware.

“The virus has been quarantined, and all major clinical systems are now up and running. No patient data was affected, there was no unauthorised access to medical records, and our antivirus protection has now been updated to prevent any recurrence,” a Barts spokesperson told ZDNet.

It is still unclear how hackers gained access to Barts Health Trust’s internal systems. The location and identity of the cybercriminals also remain a mystery.