Expect more supply-chain attacks on the NHS, expert warns: 'There’s a weakness'

EXCLUSIVE: The NHS's networks make it "very possible to move from an infected system on to another system to shut parts of the NHS down", an expert says, warning that further attacks could be on the way.


The NHS remains vulnerable to further cyber attacks, an expert has warned, after a breach this week forced several hospitals to cancel operations and blood transfusions.

Health chiefs declared a critical incident amid the attack on IT company Synnovis, which serves NHS pathology labs.

Deryck Mitchelson, Global CISO at Check Point Software Technologies, believes the health service should brace for more attacks of this kind.

“We should expect to see more supply-chain attacks on the NHS, I think there’s a weakness there,” the cyber security expert told the Daily Express.

He also noted that the Ministry of Defence payroll was attacked by hackers last month.



“I think the public sector has got a heavy reliance on supply chain, and we need to be doing much more to secure that supply chain. It’s definitely vulnerable,” he said.

Mitchelson said he fears NHS networks are configured in a way that makes them a prime target for bad actors.

“A lot of hospitals work on what we call a ‘flat network’, which is exactly as it sounds. It’s similar to your home broadband, your wi-fi, whereby your television, your mobile phone, your computer, your laptop, they’re all on the same network.

“There’s no separation or different levels of security between them. There’s no, what we call, segmentation, between the devices.”

He explained that if a flat system gets breached, it's easier for hackers to then “move from that system onto another system”.

“So that’s always my concern with healthcare, which is that they probably have more flat networks than most other industries, due to the legacy they’ve got.

“And it does mean that it is very, very possible to move from an infected system on to another system to shut parts of the NHS down.”

But he added “hopefully in this case, because it’s the pathology provider, there’s no evidence at this point that [the hackers] have actually gotten to any NHS systems themselves.

“So they should be protected, other than the data that has been shared.”

Royal Brompton, Harefield, Guy's, St Thomas', and King's College Hospitals were all affected. The first attack hit on Monday, and staff were forced to transfer patients to other facilities at short notice.

Ciaran Martin, the former chief executive of the National Cyber Security Centre, said a Russian criminal group were behind the breach, and were "looking for money" in a ransomware attack against the pathology services firm.

Speaking on BBC Radio 4's Today Programme, Martin said: "We believe it is a Russian group of cyber criminals who call themselves Qilin."

He said the group, which operates on the dark web, were able to operate "freely from within Russia". The ultimate goal of the attack isn't clear, though Martin said they were simply looking for money and were "unlikely" to have known they would cause healthcare disruption.

NHS England has been approached for comment.
