The NHS are to spend 20 million on ‘ethical hackers’ that will test the organisations digital defences. They hope to create ‘a national, near real-time monitoring and alerting service that covers the whole health and care system.’ This comes after the ‘Wannacry’ event in May earlier this year, which could have been avoided, if NHS Digital hadn’t failed to apply patches for Windows 7, which had been readily available for two months.
The Wannacry digital attack greatly affected the NHS digital system, which, according to the report, saw over 19,000 medical appointments cancelled, and computers at 600 surgeries shut down. Incredibly, the worldwide cyberattack was slowed, and effectively stopped, at least temporarily, by a 22-year-old called Marcus Hutchins, a computer security researcher from North Devon.
Oz Alashe, CEO of security training firm CybSafe, said that the NHS is a potential goldmine for hackers, with ‘Medical histories, personal information, and address details can easily be used to commit identity fraud and other financial crime. But as WannaCry proved, it’s not only people’s privacy on the line – in some cases, it’s the institution’s very ability to function’.
Computer scientists might want to start thinking about ‘EternalBlue’, and ‘DoublePulsar’ the network infection vector that the ‘Shadow brokers’ used to start off this digital attack. They also might want to think about what functions a kill switch might have, and how software can remain undetected. Medicine students might want to think about what affect a cyber attack might have on the NHS, and how much of the organisation now lies in the digital sphere. Economics students should think about if 20 million pounds is enough money to safely handle the digital protection of a national service such as the NHS.