AS IF THE NHS DOESN'T HAVE ENOUGH TO WORRY ABOUT with all the sick people, it turns out that it is being hammered by bastards with ransomware and relies on antiquarian anti-virus tools to protect its sick punters.
Endpoint security firm and presumably vested interest, Sentinel One, has thrown Freedom of Information (FOI) requests at the NHS and found that 30 per cent of its Trusts have been shaken down my ransomware malware bandits.
One of them, Imperial College Healthcare NHS Trust, has been smashed about like a pinata and admitted to being attacked 19 times in just 12 months.
And we thought that sneezing people with dirty hands and diarrhoea were the biggest problems that NHS facilities had to face these days. It turns out that a bigger threat than a shaky-handed doctor are ransomware, and out of date antivirus, which too many Trusts have.
SentinelOne is concerned about the use of old school AV systems, it only names one system and that is a McAfee one. Most Trusts, apart from two, have some kind of AV protection on their endpoints but that has not stopped bad traffic getting through.
The FOI requests found that 87 per cent of attacks came via a networked NHS device and that 80 per cent were down to phished staffers. However, only a small proportion of the 100 or so Trusts responded to this part of the requests.
"These results are far from surprising. Public sector organisations make a soft target for fraudsters because budget and resource shortages frequently leave hospitals short-changed when it comes to security basics like regular software patching," said Tony Rowan, Chief Security Consultant at SentinelOne.
"The results highlight the fact that old school AV technology is powerless to halt virulent, mutating forms of malware like ransomware and a new more dynamic approach to endpoint protection is needed.
"In the past, NHS Trusts have been singled out by the ICO for their poor record on data breaches and with the growth of connected devices like kidney dialysis machines and heart monitors there is even a chance that poor security practices could put lives at risk."
Many of the Trusts said that they were able to identify their attackers, while others blamed faceless hackers. µ
A hard pill to swallow
Right on schedule, sort of
Other drivers also had deep access to system guts
Plus BBC Sounds on Sky and Now TV