Momentum builds as Critical Communications World d... » Critical Communications World (May 16-18, Hong Kong) is the leading and most influential congress an... New initiative shows increasing importance of CSR » A major new survey on corporate social responsibility (CSR) is now open to electrotechnical busine... OF FOOLS OF THE MIDDLE BELT, ONE NORTH AND PASTORA... » SERIES: BUHARISM AND THE FIERCE URGENCY OF NOW A treatise on pastoral jihadism, islamism, arabism a... Commvault partners with Pure Storage » Cisco Live, Melbourne, AU and Tinton Falls, NJ: Commvault has announced the integration of its Commv... OF FOOLS OF THE MIDDLE BELT, ONE NORTH AND PASTOR... » A treatise on pastoral jihadism, islamism, arabism and cultural imperialism in Nigeria (Ephesians ... Where was Aisha Buhari when idiot Kumapayi flagr... » "Clip-clip..clip-clip...Did you not hear when BABA DAURA say women's place is in the kitchen?" ... UKCloud launches Disaster Recovery to the Cloud se... » London: UKCloud has announced the launch of Disaster Recovery to the Cloud, a self-service replicati... ADG Holdings bolsters security protection with Tra... » SAN MATEO, CA : TrapX Security™ has announced that ADG Holdings, a provider of proprietary trading a... ExtraHop combines analytics and low-cost storage... » London, UK: ExtraHop has announced several major platform enhancements as part of version 6.2. These... DEFENCE MINISTER MEETS TEENAGERS TAKING PART ... » Defence Minister Earl Howe today met teenagers at the Army’s first ‘Supercamp’, a new initiative whi...

CLICK HERE TO

SOCIAL BOOKMARK

Health Security Header

London, UK: A Freedom of Information study by endpoint security company SentinelOne has revealed that 30% of NHS Trusts have suffered a ransomware attack, potentially placing patient data and lives at risk. One Trust – Imperial College Healthcare NHS Trust – admitted to being attacked 19 times in just 12 months.

SentinelOne made FOI requests to 129 NHS Trusts, of which 94 responded. Three of these refused to answer, claiming that their response could damage their commercial interests. All but two NHS Trusts - Surrey and Sussex, and University College London Hospitals have invested in AV security software on their endpoint devices to protect them from malware and, despite installing a McAfee solution, Leeds Teaching Hospital had suffered five attacks in the past year. No NHS Trusts reported paying a ransom or informed law enforcement of the attacks; all preferred to deal with the attacks internally.

Of the 15 Trusts who were able to provide further information about the origins of the attacks, 87% reported that the attacker gained access through a networked NHS device, with 80% targeted by a phishing attack. Whilst the majority of these Trusts were unable to identify their attackers, one confirmed it was organised cyber criminals with another believing the attack to be conducted by opportunistic hackers.

Ransomware which encrypts data and demands a ransom to decrypt it, has been affecting US hospitals for a while now. The Hollywood Presbyterian Medical Center in Los Angeles notoriously paid cybercriminals £12,000 in February after being infected by Locky, one of the most prolific ransomware variants. SentinelOne has also carried out similar FOI requests with other public sector organisations and discovered that ransomware had affected 60% of UK universities.

“These results are far from surprising,” said Tony Rowan, Chief Security Consultant at SentinelOne. “Public sector organisations make a soft target for fraudsters because budget and resource shortages frequently leave hospitals short-changed when it comes to security basics like regular software patching. The results highlight the fact that old school AV technology is powerless to halt virulent, mutating forms of malware like ransomware and a new more dynamic approach to endpoint protection is needed. In the past NHS Trusts have been singled out by the ICO for their poor record on data breaches and with the growth of connected devices like kidney dialysis machines and heart monitors there is even a chance that poor security practices could put lives at risk.”