Across the world, cybersecurity experts have looked closely at the HSE attack and its aftermath. Steve Fenwick, NHS Digital’s head of cybersecurity operations, says it is the most prominent example of the growing ransomware threat affecting a national healthcare system.
Phil Huggins, Interim National Chief Information Security Officer at NHSX, emphasises that ransomware is not necessarily the preserve of organised crime. “The main concern with ransomware is that it’s indiscriminate. The NHS has what we call a large cyberattack surface, a big outside edge, because we're a large sector with lots of people and devices.
"So, if you're a criminal who's trying to steal a bit of money from just anybody, we're a big chunk of that. They may not necessarily be targeting healthcare and possibly don't even understand they’ve picked on somebody with primary care responsibilities. They will just hit the system, take control and demand payment because we're there, we're connected and we're vulnerable.”
"Money is not necessarily the only incentive," adds Fenwick. “We see lone actors who maybe have a grudge, don’t have a high skillset, have possibly watched a YouTube video and followed the script. That’s low-level stuff. But the financial crime is the big threat. Whether they steal the data or hold it to ransom, they want the cash.”