The UK’s National Cyber Security Centre (NCSC) is ‘stepping up support’ for the National Health Service to help protect UK hospitals and other healthcare organisations against cyberattacks.
The NCSC’s Annual Review 2020 reveals that the cyber arm of GCHQ has handled more 200 cyber incidents related to coronavirus during the course of this year – almost a third of the total number of incidents it was called in to help with over that period.
And due to the urgency of securing healthcare during the coronavirus pandemic, the NCSC has been helping the NHS to secure itself against cyberattacks.
That includes performing threat hunting on 1.4 million NHS endpoints in an effort to detect potentially suspicious activity and scanning over one million NHS IP addresses to detect cybersecurity weaknesses.
“The second half of the year for us, as it has for everyone else, has been dominated by the response to COVID,” said Lindy Cameron, CEO of the NCSC.
“What we’ve done as an organisation is really pivot towards the health sector to try and give them the best support we can in thinking about their cyber defence to let them focus on responding to the pandemic,” she added.
The NCSC also helped roll out Active Cyber Defence services, including Web Check, Mail Check and protective DNS, to 235 front-line health bodies across the UK, including NHS Trusts to help protect them against phishing attacks and other threats.
“We’ve taken our active cyber-defence portfolio and pivoted it towards the health sector with 230 health bodies using our active cyber defence. That’s all part of the support we’ve given to NHS Digital to help them help the health sector,” Dr Ian Levy, NCSC technical director, told ZDNet.
“We’re stepping up our support quite significantly,” he continued, adding: “Obviously it’s still for individual trusts to protect themselves along with NHS Digital and ourselves, but we’re really trying to take them the knowledge about the threat and actioning support in the sector at large”.
More than 160 instances of high-risk vulnerabilities have been shared with NHS Trusts during the course of this year while the NCSC has also had to to deal with over 200 incidents related to the UK’s coronavirus response – including Russian cyber espionage targeting coronavirus vaccine development.
The 200 coronavirus-related incidents make up a significant chunk of the total number of 723 cyberattacks involving almost 1,200 victims that the NCSC has helped deal with during the course of the past year, a figure up from 658 in the previous year – and the highest number of incidents since the NCSC was set up. It’s also a number that’s likely to continue rising as cybercriminals get more ambitious.
The review also notes that the NCSC has dealt with three times more ransomware attacks than it did last year as attacks become more targeted and more aggressive.
“The expertise of the NCSC, as part of GCHQ, has been invaluable in keeping the country safe: enabling us to defend our democracy, counter high levels of malicious state and criminal activity, and protect against those who have tried to exploit the pandemic,” said Jeremy Fleming, director of GCHQ.
“The years ahead are likely to be just as challenging, but I am confident that in the NCSC we have developed the capabilities, relationships and approaches to keep the UK at the forefront of global cybersecurity,” he added.