A new report, from the Henry Jackson Society, warns that British healthcare infrastructure is susceptible to cyberattacks by Russian hackers, which could lead to a ‘healthcare crisis’. The UK based policy think tank looked at recent attacks by Russia on Ukraine and confirmed that healthcare was a particularly vulnerable area. The author has urged the UK Government and healthcare providers themselves to do more to protect themselves.

‘Many of these (healthcare) systems still rely on outdated technology and legacy systems that may not be equipped to handle modern cyber threats, especially within healthcare and local government.’

The report states that attacks to healthcare infrastructure could lead to delayed or incorrect dispensing of medicines and that essential and life-saving equipment in hospitals could also be targeted. Worthy of note the report says was the Russia-aligned group of hackers known as Killnet threatened to attack ventilators in British hospitals in 2022.

The report confirms what many in the industry have been saying for some time

that cyberattacks could lead to a ‘healthcare crisis’, which would overwhelm healthcare infrastructure and put lives at risk.

What do the stats say?

• Healthcare provider attacks have more than quadrupled since 2017
• Attacks don’t just steal or encrypt data – they are now targeting internet enabled medical devices (MRI scanners) and interfering with their productivity
• It is highly likely that cyber-attacks have resulted in deaths and serious injury of patients
• 93% of healthcare organisations had suffered a cyber enabled data breach over the past 3 years. Two thirds had had 5 or more.
• Most healthcare providers felt ill-equipped to deal with the threat of cyber-attacks against their organisation.

And the first step on protecting your organisation is empowering your teams with regular updated security awareness training.

Security Awareness Training – a different approach taken by the CRC network

The Eastern Cyber Resilience Centre was set up in 2021 as a government funded, police staffed company. That means we operate with a public service ethic, putting the needs of our members above all else. We offer a number of free and affordable Cyber Security and Resilience Services that are designed to assist businesses and their staff to have the right strategies to respond to cyber incidents efficiently and migrate any potential damage a cyber-attack may create.

Through Cyber PATH, local university students are trained and mentored by senior ethical hackers, to deliver all our services and to work with staff to build their cyber awareness, understand the latest cyber threats and secure the business’s online environment.

Our Awareness Training focuses on those with little or no cyber security or technical knowledge and is delivered in small, succinct modules, using real-world examples. We tailor our Security Awareness Training to each individual audience to provide the right level of skills and context for your business. We can deliver training to any sized group, in-person, remote or a hybrid of the two.

The trainers are highly knowledgeable, personable, and friendly and pride themselves on providing the right environment for your people to feel comfortable and to ask questions. Below are testimonials from businesses who have already had our Awareness Training.

For just a few hundred pounds, you can help to protect your company against a cyber-attack that ultimately could cost you thousands.

Our Security Awareness Training covers a wide range of cyber security topics, including social engineering, ransomware, and phishing attacks. The training provides simple and effective knowledge for people to understand their environment and provides the confidence to challenge when something doesn’t look right.

As one of our members said after their training session.

The Cyber Path Student was a confident and knowledgeable presenter who put all attendees at ease and lead a thoroughly enjoyable and hugely useful and informative session. Time well spent!”

What should I do now?

Here at the centre, we would recommend that you consider joining our community today as one of our growing number of free core members. You will be supported through implementing the changes you need to make to protect your organisation.

And take a look at our affordable security awareness options to find out what to do next.

A small investment now could lead to massive savings in terms of cost and liability further on down the line.

Reporting a live cyber-attack 24/7

If you are a business, charity or other organisation which is currently suffering a live cyber-attack (in progress), please call Action Fraud on 0300 123 2040 immediately. This service is available 24 hours a day, 7 days a week.

Reporting a cyber-attack which isn't ongoing

Please report online to Action Fraud, the UK's national reporting centre for fraud and cybercrime. You can report cybercrime online at any time using the online reporting tool, which will guide you through simple questions to identify what has happened. Action Fraud advisors can also provide the help, support, and advice you need. Alternatively, you can call Action Fraud on 0300 123 2040 (textphone 0300 123 2050).