View all newsletters
Receive our newsletter - data, insights and analysis delivered to you
  1. Technology
  2. Cybersecurity
October 10, 2016updated 22 Feb 2017 3:33pm

Ransomware hits dozens of NHS hospitals in England

28 NHS Trusts in England hit by cyber attacks.

By Ellie Burns

28 NHS England trusts have been hit by ransomware in the last 12 months, according to figures reported by i newspaper.

Following a Freedom of Information request by cyber security firm NCC Group, four of the 28 attacks were considered to be sufficiently serious that they had to be reported as a potential breach of data protection. The percentage of targeted NHS trusts is a low 14%, however this number obscures the millions of patients’ data potentially at risk following the attacks.

According to the initial report in i, NHS Digital, the body which overseas cyber security for the health service, acknowledged the increase in attacks but said that no ransom had been paid in the ‘rare’ serious attacks. The body also said that no data had been lost in any of the attacks.

“Incidents are rare and in the last year there have been fewer than five reports of nhs-trustransomware attacks on individual machines on a network used by around two million people. In all reported cases, effective and swift action was taken and no ransoms have been paid,” NHS Digital said in a statement.

“Like all organisations the NHS is subject to malicious attacks on its systems and, like all organisations, these attempted attacks are rising. But we are taking action to ensure information is as safe as possible.”

Ransomware targeting healthcare is proving to be a lucrative business – with health records fetching 10 times more than other data on the black market, according to Intel Security. Urging Trusts to bolster security, Gordon Morrison, Director of Government Relations at Intel Security, said:

“With news today that as many as 28 NHS trusts in England have fallen victim to ransomware in the last year alone, there can be no dispute as to the threat this attack vector poses to the NHS. Trusts should take all necessary steps to prevent ransomware infections and to reduce the impact of attacks when they breach defences. From backing-up systems daily and developing an incident response policy, to educating staff on how to spot ‘phishing attacks’, organisations actively working to reduce their risk will find themselves better placed to fend off ransomware attackers – protecting patient data, revenues and reputations.

Content from our partners
Green for go: Transforming trade in the UK
Manufacturers are switching to personalised customer experience amid fierce competition
How many ends in end-to-end service orchestration?

“Organisations that want to learn more about the preventative measures and the tools available to combat this threat should look to the No More Ransomware Project, from the National High Tech Crime Unit of the Netherlands’ police, Europol’s European Cybercrime Centre, and Intel Security and Kaspersky Lab.”

Topics in this article :
Websites in our network
Select and enter your corporate email address Tech Monitor's research, insight and analysis examines the frontiers of digital transformation to help tech leaders navigate the future. Our Changelog newsletter delivers our best work to your inbox every week.
  • CIO
  • CTO
  • CISO
  • CSO
  • CFO
  • CDO
  • CEO
  • Architect Founder
  • MD
  • Director
  • Manager
  • Other
Visit our privacy policy for more information about our services, how New Statesman Media Group may use, process and share your personal data, including information on your rights in respect of your personal data and how you can unsubscribe from future marketing communications. Our services are intended for corporate subscribers and you warrant that the email address submitted is your corporate email address.