Data and securityCyber SecurityNearly half of NHS Trusts victims of ransomware attacks

Nearly half of NHS Trusts victims of ransomware attacks

Research reveals significant rise in ransomware families

Data from a freedom of information request (FOI) by NCC Group has found that 47% of NHS Trusts in England have been successfully targeted by ransomware in the past year.

Some 60 trusts responded to the FOI request, with 28 confirming that they had been the victim of ransomware. Just one trust said they had not been hit in the last year, but that they had been infected in the past, while 31 trusts withheld information citing patient confidentiality.

The news follows hot on the heels of new research by security firm Trend Micro which revealed the occurrence of ransomware families nearly doubled, up by 172%, in the first half of 2016 compared with the whole of 2015. The company identified a total of 79 new ransomware families in the first six months of this year, with 58% of ransomware attacks in the first half originating from attachments in spammed emails.

With Trusts holding a range of sensitive data on patients and employees, a piece of ransomware could cause serious disruption to services and ultimately impact patient care.

Ollie Whitehouse, technical director at NCC Group, said: “The damage that a successful ransomware attack can cause makes these findings not simply an issue for a trust’s IT team, but for its board of directors too. Paying the ransom – which isn’t something we would advise – can cost significant sums of money, yet losing patient data would be a nightmare scenario for an NHS Trust.”

“There is no silver bullet or one single solution that can stop this type of attack, despite what many security companies may claim. Instead, we would recommend a multi-layered approach, applying robust controls such as regular patching of software, using up-to-date anti-virus and educating staff as to the risks posed by phishing and ransomware.”

Related Articles

Government and tech industry hold roundtable on IoT security

Cyber Security Government and tech industry hold roundtable on IoT security

6m Jay Ashar
New Army cyber operations centres for MOD

Cyber Security New Army cyber operations centres for MOD

6m Jay Ashar
Competing priorities biggest roadblock to cybersecurity

Cyber Security Competing priorities biggest roadblock to cybersecurity

6m Jay Ashar
Cybersecurity is a market for lemons

Cyber Security Cybersecurity is a market for lemons

6m Bernard Parsons
Compulsory cyber awareness training for Cardiff council staff

Cyber Security Compulsory cyber awareness training for Cardiff council staff

6m Jay Ashar
UK government to assess the cyber security capability landscape

Cyber Security UK government to assess the cyber security capability landscape

6m Jay Ashar
New capability to help organisations fight cyber threats

Cyber Security New capability to help organisations fight cyber threats

6m Jay Ashar
Room for more cybersecurity over and above GDPR

Cyber Security Room for more cybersecurity over and above GDPR

7m Jay Ashar