Cybersecurity Funds for Preventing Future Outages
The Guardian reports that £21 million in extra budget will go towards helping to prevent future cybersecurity outages. The NHS suffered in the recent wannacry ransomware attacks, which crippled several hospitals IT infrastructure.
Jeremy Hunt has pledged the money to drive up cybersecurity within the NHS.
Windows XP Was a Problem
The NHS hospitals were still using Windows XP, but its usage has fallen, according to the article. The wannacry ransomware attack took advantage of a flaw in XP (codenamed “Eternal Blue”) that was published as a result of the hacks of the US National Security Agency (NSA). The NHS was not the only organisation hit by the attack(s), but it was one of the most high profile.
The Horse Has Bolted
One hopes lessons have been learned, but it remains to be seen whether this will actually improve cybersecurity postures at NHS estates. Cybersecurity is not a new thing – worms have existed for at least thirty-five years (going back to at least the Morris Worm). Ransomware has been around for a few years as well. Increased budgets will help if applied constructively.
Good First Steps
Several of the steps in question will actually be constructive, as broadcast alerts will hopefully prevent infections from spreading. Reducing Windows XP usage will help and should have been done a long time ago. Applying the funds to appropriate data-sharing will help. The biggest thing that should help though will also be improved staff training, which is often overlooked but looks to be on order here.