Press "Enter" to skip to content

NHS cyber attack: industry comments

In response to the news that the recent  was the result of a major IT supplier being targeted by ransomware, cybersecurity leaders from DigitalXRAID, Bridwell and CYFOR Secure have weighed in on the vulnerabilities exploited and how organisations can protect against future large-scale ransomware attacks.

Rick Jones, co-founder and CEO of DigitalXRAID, discusses the vulnerabilities of supply chains.

Lawrence Perret-Hall, Director of CYFOR Secure, highlights the business disruption time of ransomware attacks

Martin Riley, Director of Managed Security Services at Bridewell

Comments by Rick Jones, CEO and Co-Founder, DigitalXRAID

This recent IT supply chain attack is yet another example of how cybercriminals are becoming increasingly sophisticated and targeted. They have learned that leveraging back-door entry points through smaller, less resourced points of the supply chain is an effective way to exploit small businesses and gain access to larger ones – in this case, one of the largest public sector bodies in the UK. It is therefore essential that organisations contractually agree liability across their supply chain in the case of a breach. Regular cybersecurity training and a Zero Trust architecture will also help reduce risk and the lateral movement of attackers – but ultimately a Security Operations Centre (SOC) to monitor, detect and mitigate threats is an essential in today’s cyber environment.

Comments by Lawrence Perret-Hall, Director at CYFOR Secure

It’s not uncommon for ransomware attacks of this scale to cause three to four weeks of disruption. But this can cripple smaller businesses and could be hugely detrimental to a public sector healthcare service. To minimise the impact of ransomware, teams need to ensure quick and efficient incident response plans are in place. The executive board needs to recognise the severity of the incident, and IT teams must then begin identifying exactly what happened and its root cause. More often than not, the best solution is to work with a partner who has the expertise in incident response to ensure disruption is kept to a minimum.

Martin Riley, Director of Managed Security Services at Bridewell

“While many will be concerned that disruption across the NHS could last for months, in reality, the situation could have been much worse.

“From the information disclosed, the incident looks to have been handled in line with good practice, with the attack caught early and business continuity practices implemented. Rapid containment and disconnection appear to have been done as part of the incident response process to prevent wider impact on the NHS and its trusts. However, because of the NHS’ highly connected network, it will have had to disable connectivity from the supplier, meaning more manual and slower services.

“The impact, response, and some of the insights into containment and spread suggest it was a ransomware-like attack. The impact of the attack only illustrates how supply chain assurance still does not have the depth required for critical systems. It’s also another reason why the NIS Regulations must incorporate key providers and MSPs.

“Incidents will happen, and the key is reducing risk and limiting impact, which in this case it looks like the NHS has done. However, it’s clear that suppliers need to up their game and put in place cyber security controls to reduce risk to their customers.”

Please follow and like us:

Be First to Comment

Leave a Reply

Technology Reseller Magazine & Site is Published by Kingswood Media 2022