NHS targeted by ransomware scammers

Cyber fraudsters see healthcare as a soft target

The NHS is being targeted in a wave of ransomware attacks as cyber fraudsters focus on what they regard as a weak target.

Just under 30 NHS trusts admit that they have been the victims of ransomware attacks in the past 12 months, according to a Freedom of Information request filed by the i newspaper.

The spate of attacks is all the more worrying not just because of the critical patient data that hospitals and GP surgeries hold, but also because of the increasing amount of hospital equipment that is being connected to enable data to flow more efficiently around hospitals.

The i took its data from computer security company NCC Group. "We have seen a 400 per cent increase in these attacks. The health service is by no means alone in facing this kind of attack," Ollie Whitehouse, technical director of NCC Group, told the i.

"But NHS trusts are being increasingly targeted and any loss of patient data would be a nightmare. Like everyone else, they need to apply robust controls."

The NCC declined to name the affected NHS trusts, but there are around 30. Some declined to answer the question about ransomware attacks, but the information suggested that not a single penny was paid out.

Just one trust, located in the East of England, admitted to being hacked twice.

Rashmi Knowles, chief EMEA security architect at RSA, said: "Ransomware is an extremely lucrative business for cyber criminals as once they are in they just need to encrypt the data. Whereas actually stealing data and then trying to resell makes it a much longer process.

"Current data shows that ransomware cases are expected to double from 2015 to 2016, and it should come as no surprise that breaches continue to happen as frequently as they do.

"The results show organisations relying on a fragmented foundation of data and technologies. Because it remains siloed, visibility is incomplete, making attacker activity difficult to scope.

"As a result the speed with which they can detect and investigate threats becomes a real challenge."

Ransomware attacks are on the up, according to a recent Check Point report, and parts of the NHS may be particularly vulnerable due to the continuing use of obsolete computing.

The NHS is one of a number of organisations known to still run Windows XP, Microsoft's 15-year-old operating system that it ceased supporting in 2014.

As a whole, it reportedly forked out £40m in 2015 to maintain basic levels of support for Windows XP from Microsoft.