Rechercher
Contactez-nous Suivez-nous sur Twitter En francais English Language
 

Freely subscribe to our NEWSLETTER

Newsletter FR

Newsletter EN

Vulnérabilités

Unsubscribe

Major NHS ransomware cyberattack once again highlights the threat from the supply chain

June 2024 by AJ Thompson, CCO at Northdoor plc

The cyberattack on pathology service provider Synnovis has huge consequences on major hospitals as emergency patients are diverted elsewhere and operations cancelled

Major hospitals in London have declared a critical incident as a result of a ransomware attack on pathology supplier Synnovis. The nature of the services provided by Synnovis means that operations have been postponed and emergency patients have been sent to alternative hospitals.

London hospitals including Kings College, Guy’s and St Thomas’ and several London GP services have all been affected. The attack meant that there was no access to a main server leading to blood transfusions and test results also being impacted.

This is just the latest in several cyberattacks originating in the supply chain and highlights the fact that this is an increasing route for cybercriminals looking to access high-value data. Investment in front-line cyber defences has been a priority for health service organisations for some time. However, this investment is entirely negated if cybercriminals can get in via the backdoor, as AJ Thompson, CCO, Northdoor plc explains.

“The attack on Synnovis is a classic example of how cybercriminals are using third-party suppliers to attack their intended ‘main’ target. The NHS holds valuable, sensitive data and has always been a target for cyber-gangs. However, with the investment made by the NHS in front-line defences, gangs have switched to an easier route to the data by targeting third-party groups supplying the healthcare service.

“The key to keeping the back-door locked is having an overview of possible vulnerabilities that lie within your supply chain. This, for an organisation with such a huge number of different partners, seems an impossible task for the NHS.

“Current methods of analysing supply chain risk usually involve surveys sent out to potential partners at the point of contract signing. This means that you are entirely reliant on the knowledge, expertise and frankly, honesty, of the IT team of your potential partner. In the face of such consistent and sophisticated attacks, this is no longer acceptable nor effective.

“The nature of supply chain relationships means that almost every partner is connected into systems. This is particularly the case with the NHS as partners providing critical clinical services are essentially part of the organisation and therefore should be under the same levels of scrutiny as in-house departments.

“The only way to do this effectively is to have a 360-degree, 24/7 overview of the whole supply chain. With internal teams struggling with workload already, many are turning to qualified third-party Security Operations Centre provided by IT services consultancies. They have teams of experts who can supplement internal teams allowing for a comprehensive view of where vulnerabilities lie. This then allows NHS organisations to have urgent conversations with supply chain partners to shut the vulnerabilities before they are exploited by cybercriminals.

“Ransomware attacks are not just holding organisations to ransom but patients too, some in desperate need of medical attention. With the supply chain providing such a lucrative route to valuable data for cybercriminals this risk is only going to get worse over the coming months. The NHS and similar organisations have to look at the supply chain and ensure that vulnerabilities are shut and critically, remain shut, keeping data, front-line services and patients safe,” concluded Thompson.


See previous articles

    

See next articles


Your podcast Here

New, you can have your Podcast here. Contact us for more information ask:
Marc Brami
Phone: +33 1 40 92 05 55
Mail: ipsimp@free.fr

All new podcasts