New research based on a Freedom of Information (FOI) request has revealed that 34% of NHS trusts in the UK have suffered a ransomware attack in the last 18 months.
All 260 Trusts responded to the FOI request, submitted by digital workplace company RES, with only 18 claiming exemption to provide data because of data rules around patient safety. Four others either had been absorbed by another trust or didn’t hold the relevant information.
In total, 87 out of 260 trusts admitted ransomware attacks, with 60% of Scottish NHS trusts the most frequently targeted.
In England specifically, 79 out of 239 trusts admitted to being targeted by ransomware in the past 12 months.
While Wales had four out of seven trusts claim exemption, Scotland had by far the biggest issue with 8 out of 14 NHS trusts (57%) attacked.
RES VP of UK & Ireland Jason Allaway said hackers know the hospital will have to pay or risk patients’ wellbeing.
“It’s important to unearth such statistics as it shows just how seriously this threat needs to be taken by healthcare organisations.
“Education, vigilance and proven technology such as context-aware access controls, comprehensive blacklisting and whitelisting, read-only access, automated deprovisioning and adequate back-up are some of the vital components that need to be put in place by these trusts to both prevent and combat this problem as efficiently as possible,” Allaway added.
Allaway noted that it should be examined how common these attacks are on other areas of business, like the private sector and education and how often they can prove successful.
“It’s not a case of if you are attacked – it’s more of a question of when.”
Barts Health Trust, the largest NHS hospital trust in England was hit by a ransomware virus last month.
The virus, which is believed to have infected thousands of files, was revealed to staff at the trust via email that warned of a ‘ransomware virus attack issue’.
