The Home Office was warned about the risk of a “catastrophic” ransomware attack in the UK months before Kremlin-protected cyber hackers targeted the NHS.
The NHS was “particularly vulnerable” and Britain was unprepared for the “high risk” of a major cyber hack, MP and peers from the Joint Committee on National Security Strategy (JCNSS) told the Government.
i revealed last week that the Russian hackers behind the attack on the NHS are part of a wider cyber army working under the Kremlin’s protection to try to destabilise the UK ahead of the election.
While the hacking syndicate, made up of more than 100 groups, is not under the direct control of the Russian Government, its members enjoy safe haven in the country and are seen by Moscow as a useful tool of cyber warfare and global disruption.
The UK’s critical national infrastructure was “vulnerable” to an attack, which would have “widespread and damaging consequences”, according to the December report on the threat of ransomware by MPs and peers from the JCNSS.
The NHS was operating with “crumbling IT services and a lack of investment”, including “IT systems that are out of support or have reached the end of their lifecycle”. This put it in a “particularly difficult position to protect itself from cyber-attacks”, they added.
Home Office ministers and officials prioritised policy on illegal migration and small boats over the threat of ransomware as a national security risk, the report suggested. The Home Office leads on the risks of cyber security but responsibility for this should be transferred to the Cabinet Office and deputy prime minister Oliver Dowden, MPs and peers claimed.
“There is a high risk that the Government will face a catastrophic ransomware attack at any moment, and that its planning will be found lacking. If the UK is to avoid being held hostage to fortune, it is vital that ransomware becomes a more pressing political priority, and that more resources are devoted to tackling this pernicious threat to the UK’s national security,” the report said.
The National Crime Agency, which leads the UK’s response to cyber crime, was described as being “locked in an uphill struggle against the ransomware threat, with insufficient resources and capabilities to match the scale of this challenge”.
Following i‘s revelations that the hackers who attacked the NHS operate under the protection of the Kremlin, Labour accused the Government of making the UK a target for hostile nations.
Dan Jarvis, Shadow Security Minister, said: “Months ago, the JCNSS warned Home Office ministers that the UK was at high risk of a catastrophic ransomware attack at any moment.
“The Conservatives’ lack of leadership in preparing for and preventing ransomware attacks means our country is a prime target for hostile actors.
“The UK should be one of the toughest targets in the world for cyber-attacks. That’s why Labour will conduct a security sprint review within its first 100 days of government to ensure a stronger and more joined-up response to major threats, including ransomware.”
Not surprised at all – some trusts have been using and are still using patient journey systems that were created in 2000.
Make no mistake, this is the final product of Tory austerity and incompetence.
Warned about what? Ransom attacks on medical facilities have been going on for many years. The NHS has been attacked many times. There was a big attack all over the world in 2017.
3 comments
The Home Office was warned about the risk of a “catastrophic” ransomware attack in the UK months before Kremlin-protected cyber hackers targeted the NHS.
The NHS was “particularly vulnerable” and Britain was unprepared for the “high risk” of a major cyber hack, MP and peers from the Joint Committee on National Security Strategy (JCNSS) told the Government.
i revealed last week that the Russian hackers behind the attack on the NHS are part of a wider cyber army working under the Kremlin’s protection to try to destabilise the UK ahead of the election.
While the hacking syndicate, made up of more than 100 groups, is not under the direct control of the Russian Government, its members enjoy safe haven in the country and are seen by Moscow as a useful tool of cyber warfare and global disruption.
The UK’s critical national infrastructure was “vulnerable” to an attack, which would have “widespread and damaging consequences”, according to the December report on the threat of ransomware by MPs and peers from the JCNSS.
The NHS was operating with “crumbling IT services and a lack of investment”, including “IT systems that are out of support or have reached the end of their lifecycle”. This put it in a “particularly difficult position to protect itself from cyber-attacks”, they added.
Home Office ministers and officials prioritised policy on illegal migration and small boats over the threat of ransomware as a national security risk, the report suggested. The Home Office leads on the risks of cyber security but responsibility for this should be transferred to the Cabinet Office and deputy prime minister Oliver Dowden, MPs and peers claimed.
“There is a high risk that the Government will face a catastrophic ransomware attack at any moment, and that its planning will be found lacking. If the UK is to avoid being held hostage to fortune, it is vital that ransomware becomes a more pressing political priority, and that more resources are devoted to tackling this pernicious threat to the UK’s national security,” the report said.
The National Crime Agency, which leads the UK’s response to cyber crime, was described as being “locked in an uphill struggle against the ransomware threat, with insufficient resources and capabilities to match the scale of this challenge”.
Following i‘s revelations that the hackers who attacked the NHS operate under the protection of the Kremlin, Labour accused the Government of making the UK a target for hostile nations.
Dan Jarvis, Shadow Security Minister, said: “Months ago, the JCNSS warned Home Office ministers that the UK was at high risk of a catastrophic ransomware attack at any moment.
“The Conservatives’ lack of leadership in preparing for and preventing ransomware attacks means our country is a prime target for hostile actors.
“The UK should be one of the toughest targets in the world for cyber-attacks. That’s why Labour will conduct a security sprint review within its first 100 days of government to ensure a stronger and more joined-up response to major threats, including ransomware.”
Not surprised at all – some trusts have been using and are still using patient journey systems that were created in 2000.
Make no mistake, this is the final product of Tory austerity and incompetence.
Warned about what? Ransom attacks on medical facilities have been going on for many years. The NHS has been attacked many times. There was a big attack all over the world in 2017.