NHS Needs “Massive” Investment In Cybersecurity Warn Experts
Early May NHS bosses and government faced questions over why their hospitals were left vulnerable to global cyber-attack “wannacry”. NHS faced days of disarray after the attackers demanding a ransom intruded the health services computer systems.
Doctors warned that this infiltration could cost lives and is the largest cyber-attack in NHS history. As a result of this attack operations and appointments were cancelled, ambulances diverted as up to 40 hospital trusts were becoming infected by this ransomware attack.
Prof Bill Buchanan, from the Cyber Academy at Edinburgh Napier University, told MSPs the attack should act as a "wake-up call" to the government and health service as the ransomware attack hit 11 health trusts in Scotland last month.
Wannacry virus found its way to Scottish NHS systems either through their connection with England’s NHS or through the internet.
The virus spread through computers which were vulnerable through the use of software which shared information between devices, their configuration of firewalls and not being patched with latest version of Microsoft software’s.
Prof Bill Buchanan, said that the penetration of this virus could have been avoided and there is no excuse as to upgrade not having been carried out.
He explains that this was the critical of the patches with highest severity level. Therefore it should have been patched as it was time for the industry to catch up with this patch before a skilled person could take advantage of this vulnerability.
Prof Buchanan added "I think we need a massive increase in spending not just on computers, but in really looking at healthcare services and how we provide that to the citizen."
Director of IT at NHS National Services Scotland, agrees that extra investment is needed, suggesting an extra 15 million needs to be added on top of current £100m spent on centrally managed IT programmes.
However Professor Bill Buchanan describes this figure as “sticking plaster”, stating I think you need to add zero and then maybe another zero."