Experts have warned that a cyber attack far worse the Wannacry will hit the UK within the next five years.
NHS Digital, the computer company behind the NHS in the UK aims to protect the sensitive information of is patients by forking out £20 million for an IT contract. Through the contract, a security operations center will be created by consultants. According to Tussel, a government contacts analyst, the deal will form part of a digital defense in the public sector.
It has been reported that the contract is worth £191million. Last year the NHS tendered the same contract out for just £6million. The larger investment in digital security hopes to prevent a repeat of the much talked about Wannacry attack in May, in which the personal medical information of a third of patients visiting hospitals was leaked. The attacked sparked huge criticism following the incoherent response from the NHS.
It is hoped that the contract will assist NHS Digital in protecting the sensitive patient information entrusted to the organization. It is also believed that the new system will provide real-time monitoring and for the online service and will alert systems administrators of possible data breaches with the healthcare system. According to the NHS, the system will also provide admission to extra expert resources during pinnacle periods.
This will help teams to monitor the internet for additional security threats and possible vulnerabilities. A partnership with what the NHS calls ethical hackers will allow the organization to improve its capabilities and test for further vulnerabilities. In addition, the partnership will also offer the institute a change to forensically analyze malicious software.
Ethical hackers work with organizations to break into computer systems and expose vulnerable areas in the software. This method of securing a system is being increasingly used across the globe by large companies. While the hacking team will initially only work on the NHS Digital systems, the work will be extended to test the cyber defenses of hospitals.
One security expert, Sam Smith, said any technical staff employed to work on the NHS system should be NHS staff and be subjected to the same stringent confidentially and security checks. Smith who works for MedConfidential, a privacy campaign group, added that all computer systems should be seen as an integral part of medical safety. It is widely believed that the Wannacry attack on the NHS could have been prevented by the organization simply implementing basic IT security practices.
There has been much criticism over the lack of communication between government and hospitals following the attack. 595 practices and 81 NHS trusts were attacked by the ransomware. Experts have now warned that a cyber attack which could be worse than Wannacry may be coming. Ian Levy from the National Cyber Security Centre has predicted that the UK will experience its first category one cyber attack within the next five years.
He added that once a forensic investigation is completed, the organization will find that it could have been prevented. Established in October 2016, the NCSC has already had to deal with over 500 attempted attacks.