Shocking NHS Cyber Attack 2024

Security cameras, patient records, test results, and more. Every step you take in a hospital, you will find a service that depends on technology. For the National Health Service (NHS) in the UK, this can mean the difference between patient care and disaster. The last NHS cyber attack in 2024 has shown that anyone can be targeted.

Who has been affected?

Cyber-attacks on UK hospitals have left thousands with disrupted care, and up to five recorded cases of moderate harm. The most recent attack happened this week (26/11/24), during which a Merseyside hospital lost access to key platforms for providing care.

A statement released by Wirral University Teaching Hospital has advised that some patient appointments are being cancelled, but maternity services remain as normal. The hospital has warned all patients to attend only in genuine emergency situations, to reduce pressure on the staff and systems.

“We are working with NHS England to fully understand the impact of an incident.”
 – A spokesperson from the National Cyber Security Centre (NCSC)

Understanding what happens during a cyber threat is the first step to protecting yourself. How does a security breach affect you, as a patient or healthcare worker? Threat actors (the people behind breaches) attempt to sell important personal information across channels like the dark web. This personal information includes email addresses, names, passwords, and more. Selling this information, or leaking it online, could result in serious repercussions for everyday people. Identity theft is a common consequence, leaving thousands open to digital scams and social engineering plots.

Previous attempts to disrupt the NHS have been recorded using various methods.

Other NHS cyber attacks in 2024

Ransomware has been a consistent feature in cyber-attacks, and NHS Scotland has been targeted with this method. NHS Dumfries & Galloway experienced a theft of patient and staff data in the March 2024 NHS cyber attack. Threat actors claimed to have up to 3 terabytes of data in their possession, with the additional threat to sell this information on the dark web.

In a June 2024 NHS cyber attack, several London hospitals were compromised when a third-party provider was also subject to a ransomware attack. The attack focused on pathology services, which led to cancelled operations and disruptions to blood transfusions and test results. The effects of this attack are still being felt several months on, after many appointments, services, and operations were compromised.

Patients in need of help have been redirected to other hospitals, which have struggled to maintain the uptime of their services under this new strain. These hospitals were unable to access third-party servers, provided by Synnovis IT, meaning patient results were delayed by weeks, with a resolution taking just as long. A similar attack in Germany resulted in a patient death, leading healthcare providers to consider cyber-attacks as a potential threat to human life.

While we currently do not know the source of the ongoing disruption in Merseyside, we know it is not isolated. Between January 2019 and June 2024, there have been 215 ransomware incidents reported in the UK healthcare sector.

Global cyber attacks in healthcare

The UK is currently the 4th most affected country in terms of cyber-attacks, exceeded by Canada, India, and the United States. With so many attacks happening globally, it is now more important than ever for healthcare providers to develop cyber security strategies.

Graph showing the most affected countries by number of cyber attacks.

The most robust way to secure your business against these attacks is to have a well-developed defensive strategy. It’s said that an octopus can squeeze through a gap of just 2 centimetres, and cyber criminals are much the same. Fewer tentacles maybe, but just as slippery, and they will take advantage of the smallest space in your defences.

How to protect yourself

Getronics suggests a multifaceted approach; after all, you’re facing multifaceted threats. Start off with your workforce. The truth is that most of your team won’t know much about firewalls (not a place to put candles) or VPNs (not a high-end car brand), and so educating them on cyber defence is important.

  • Introduce multifactor authentication.
  • Partner with a security operations centre (SOC).
  • Keep access to privileged information closely managed.
  • Your team members should not share any information outside secure work channels and should never give out private information.
  • Cyber hygiene means robust cybersecurity protocols and regular phishing training for staff.
  • Resilience and continuity call for comprehensive incident response plans and backup strategies.
  • Third parties present risks. If applicable, identify the vulnerabilities that come with using vendors and partners.

We asked Getronics Global Chief Information Security Officer, Joeri Barbier, for key ways to maintain consistent security. He suggests:

“From a security perspective, it is essential to ensure foundational measures are robust and consistently maintained. This includes patch management and vulnerability management, endpoint detection and response (EDR), network detection and response (NDR), SOC integration, and leveraging threat intelligence services. While not a silver bullet, the combination of these components provides a near-comprehensive framework that significantly enhances an organization’s resilience to cyber threats.”

In an effort to combat cyber threats across the UK health sector, the National Data Guardian (NDG) and NHS England announced an updated cyber resilience framework, in September 2024. This is specific to health and social care organisations and should help to bring these industries in line with security standards across other sectors.

Keeping your organisation safe should be a number one priority, particularly in fields like healthcare that store massive amounts of sensitive data. Without proper care taken to match or exceed legal standards, you’re facing a ruined reputation and hefty fines.
