BCS cyber expert comments on ongoing ransomware attack on NHS IT provider

12 Aug 2022 12:03 PM

An IT provider of the NHS was yesterday confirmed to have been hit by a ransomware attack.

Advanced, which delivers digital services such as patient check-in and NHS 111, told the BBC it may take three to four weeks to fully recover.

For you

Be part of something bigger, join the Chartered Institute for IT.

Daniel Card, of BCS, The Chartered Institute for IT, and a cyber security specialist yesterday said:

“In terms of root causes, the provider had to shut down lots of separate systems. That only makes sense to do if a ‘shared control plane’ (where multiple services or assets are held or run from one position) had become owned by the hackers.

“If it wasn't then it doesn't make sense to ‘self-own’ like that.

“With regards to long-term impact it is very possible large volumes of healthcare records were stolen which could include mental health-related data for example. Losing access to this kind of material isn't a ‘whoops’ mistake - systematic failures can often occur over long periods of time.

“The questions for me are – What assurance was conducted prior to this? How were controls tested? What was in their Data Security Protect Toolkit (DSPT) responses?”

“There are systems in place in the NHS to reduce the impact of events like this; there are manual processes and plans in place (E.g paper records, divert to GPs etc).

“It’s very challenging to get the balance right and we don’t yet know the long term impacts.”