What happened to NHS 111 and how can I protect my organisation from a cyber attack?
NHS 111 is the 24/7 number you can call to get urgent treatment and advice about an issue. It can be used to talk directly to specialists, or to book patients into their local emergency department. However, on the 4th August 2022, this service was greatly hindered by a cyberattack on a third-party company which provides services to the NHS. In this blog post, I will go into detail on how this cyberattack happened, what the impact of the attack was, and how it may affect other companies in the future.
For a bit of an introduction, this third-party company is a software and service provider for many businesses across many sectors. For the NHS, they provide a software (a flexible patient management software) that helps NHS organisations to access GP records, automatically comply with data protection laws, issue electronic prescriptions and much more. As the third-party provider reports themselves, they work with 85% of NHS 111 services and their software impacts over 40 million patients.
This cyber attack essentially caused the shutdown of the third-party software, resulting in all of the work having to be done manually. The provider has reported that the NHS should be prepared to complete this work manually for the next few weeks as they repair their systems and increase their security. It is currently unknown how the attack originated in the third-party software as of this post.
Many will still remember the 2017 cyberattack on the NHS with the WannaCry ransomware, which caused severe issues for the NHS and their systems. Over 600 NHS organisations were affected, which caused a lockout of their digital systems and important medical devices, such as MRI scanners. Whilst the attack was prevented from spreading further after only a few hours, the disruption caused by the attack was felt for over a week as systems needed to be repaired and cleared of malicious software.
The effect of this latest security attack wasn’t quite as serious as WannaCry, as it did not completely lock users out of systems, but still resulting in multiple NHS organisations having to resort to manual processing of information and instructions due to the inability to use this important software, and it seems that the effect will last for a while longer than WannaCry. The notice given by the NHS reports that 111 callers will likely have to wait for longer than usual to receive service, but that services will still be accessible to everyone.
According to a government survey, withing the last 12 months, 39% of businesses based in the UK have identified some form of cyberattack, this is consistent with findings for the year 2021 too. Of this 39%, around 80% were phishing attempts and around 20% were more sophisticated and serious forms of attack, such as denial of service attacks, malware or ransomware. Ransomware was determined to be the most serious form of these, and the survey showed that over 50% of businesses had a policy to not pay ransoms.
Encouragingly, according to this same survey, cyber security is now being seen as a higher priority by a greater number of businesses compared to any other year the survey has been performed, which means that hopefully less businesses will be affected by cyberattacks in the future, but on the other side of the coin this can be seen as a note that cyber criminals will be required to up their tactics to counteract the increase in security.
This means that no business can afford to be complacent in today’s climate, as for every increase in security, there is an increase in the complexity of attack tactics. Make sure that employees are properly trained to identify and deal with cyber threats, ensure that passwords are secure and changed on a reasonable basis (with multi-factor authentication), make sure all your endpoints are protected with suitable cyber security software, and finally make sure that all of your critical data is regularly backed up to a secure external location so that should your company be affected by anything serious, you’ve got a backup to revert to and nullify the threat. If you have any questions on cyber security or cyber attacks or want to strengthen your cyber security measures please don’t hesitate to get in touch with the Team here at MJD.
Written by Aidan Streames