Alder Hey Children’s NHS Foundation Trust and Liverpool Heart and Chest Hospital NHS Foundation Trust have both reported unauthorised access to their shared IT systems. The cybercriminal group INC Ransom has claimed responsibility for the breach, alleging they have stolen sensitive data, including patient records and donor information dating back several years. Both hospitals have confirmed that their services remain operational, with investigations ongoing in partnership with the National Crime Agency.
Wirral University Teaching Hospital Cyber Incident
Separately, Wirral University Teaching Hospital declared a “major incident” following a cybersecurity event that required the isolation of its IT systems. This precautionary measure led to some systems being taken offline, causing disruptions to planned services and the postponement of certain procedures. The hospital has implemented business continuity plans, reverting to manual operations in affected areas. Efforts are underway to restore normal operations in collaboration with national cybersecurity services.
National Cyber Security Centre (NCSC) Assessment
The NCSC has reported a marked increase in the frequency and sophistication of cyberattacks targeting the UK’s critical infrastructure, including healthcare facilities. Recent data highlights a significant rise in the number of nationally significant and severe incidents compared to previous years. The agency has emphasised the urgent need to strengthen cyber resilience across critical sectors to address the growing disparity between emerging threats and existing defences.
Government Response
In response to the escalating cyber threats, the UK government is progressing with the Cyber Security and Resilience Bill. This legislation aims to enhance the nation’s cybersecurity framework by expanding regulatory powers and mandating the reporting of cyber incidents. The bill also designates data centres as critical national infrastructure, underscoring their importance to the country’s security.
Conclusion
The recent wave of cyberattacks on British hospitals underscores the pressing need for comprehensive cybersecurity measures in the healthcare sector. As these threats continue to evolve, healthcare institutions must prioritise robust defences to safeguard sensitive data and ensure the continuity of essential services. Building resilience and fostering collaboration will be key to mitigating future risks.
[revised]
Eileen Pierson
Be the first to comment