The NHS: a cybersecurity disaster area
The UK’s much-admired National Health Service is a cybersecurity disaster area.
That’s just been confirmed by a parliamentary committee of inquiry. They make it depressingly clear that the lessons of the “Wannacry” ransom attack of last May have not been learned.
As we noted when the Government’s own watchdog reported the Wannacry attack – which caused thousands of operations to be cancelled – it should have been a relatively easy one to ward off. According to the National Audit Office, “basic IT security best practice” was all that was needed. Did heads roll? Of course not.
And now MPs have reviewed the situation, and – astonishingly, or perhaps not – little has been done.
“Not a single trust has passed NHS cybersecurity testing, despite 200 inspections.” That’s worth reading twice.
As The Independent notes, NHS Digital Bosses claimed the test was too stringent.
Apparently they are still in their jobs. Which, as the security services on both sides of the Atlantic are now warning of a Russian cyber-attack, may not be all that sensible.