NHS 111 Cyberattack: Experts React to Brazen Breach

A major cyberattack on the NHS 111 service that caused a shutdown of key IT systems is expected to last for more than three weeks. 

The ransomware attack, which took place on August 4 at 7am BST, hit Advanced, a British business software and services provider which powers 85% of the NHS’ call handlers. 

111 callers were unable to get through in the later stages of last week, with The Independent even reporting that some NHS staff had to resort to using pen and paper. 

Read more about the latest cybersecurity news and trends on our dedicated Business Continuity page

Fallout of the incident is said to negatively impact patient referrals, ambulance dispatch, appointment bookings, prescriptions and mental health services. 

Advanced submitted a statement following the hack, stating: “On Thursday 4 August 2022, [we] experienced a disruption to our systems… We immediately took action to mitigate any further risk and isolated all of our Health and Care environments, where the incident was detected.

“With respect to potentially impacted data, our investigation is under way. When we have more information about potential data access or exfiltration, we will update customers as appropriate.” 

Enterprise tech leaders and experts have since reacted to the attack. 

Jason Hart, CTO EMEA at Rapid7, said: “Despite the efforts of the NHS, the volume of activity targeting public healthcare organisations, combined with demands and constraints on resources, means that the cyber risk is still very high. Building resilience must be a focus, whether that's to fend off nation-state attacks or the more common profit-motivated cyberattacks.  

“Cybersecurity is not an ‘install and forget about it’ job, but a process that must be operationalised so security resilience can be continually improved. The lifecycle of “assess, detect and remediate” when dealing with cyberattacks can no longer be an option, instead it must be an essential part of the organisation’s process and form part of the cost of operational running.”

Sam Linford, AVP EMEA Channels at Deep Instinct, said: “Threat actors have no moral compass, and they only care about their attacks causing massive damage, irrespective of who is hurt. 

“Unfortunately, cyberattacks like these are showing no signs of slowing down. Cyber criminals are ruthless and there is no honour among thieves. They don’t care about the humanitarian cause of an organisation and are only interested in targets, which yield the greatest monetary gain. 

“Therefore, critical organisations must have a new approach to cybersecurity that stops attacks before they can cause devastation.”

Sunil Ravi, Chief Security Architect at Versa Networks, said: “Healthcare organisations like the NHS, have already suffered enough with delays and services made unavailable during the COVID-19 pandemic. They cannot afford for cyberattacks to be their downfall.  

“However, implementing security procedures which could also hamper connectivity won’t work either. Healthcare organisations need the uptime to provide crucial patient care and services, whilst also being safe in the knowledge that their networks are secure.

“Therefore, organisations need a solution which provides the best possible security whilst also ensuring high networking performance – this is where technologies that integrate the two, like SASE, can help. SASE ensures that all endpoints are visible, and networks are segmented, meaning security teams can quickly detect, locate and mitigate the impact of cyberattacks, and prevent downtime or disruption to critical services.” 

Martin Riley, Director of Managed Security Services at Bridewell, said: “Incidents will happen, and the key is reducing risk and limiting impact, which in this case it looks like the NHS has done. However, it’s clear that suppliers need to up their game and put in place cyber security controls to reduce risk to their customers.”

EM360, as you know it is about to change. CIA hackers, Google visionaries and some of the other biggest influencers from the tech industry are waiting to engage with you on the technologies that will define the future of enterprise tech. All you have to do is sign up as a premium EM360 Tech Community Member.

Features You Can Unlock As An EM360 Tech Community Member:

• Engage with the leading influencers of Cyber Security, Data Management, Enterprise AI and more.
• Gain access to our expanding library of exclusive content and resources.
• Get insights and opinions from industry leaders on the latest trending topics.
• Rise through the ranks to become an Industry Guru and GET PAID to express your opinion.

If you are a tech enthusiast, this is the place you need to be. Find out more about the EM360 Tech Community.