RSM comments on NHS cyber attack

Commenting on the cyber attack which has reportedly affected NHS England, Steve Snaith, Technology Risk Assurance Partner at RSM said:

‘The source and nature of this particular attack is as yet unknown, through early indications suggest a directed malware attack which appears to be having a significant operational impact on the NHS across the country.

‘This wouldn’t be the first time that the NHS has suffered such an attack. Last year, the North Lincolnshire and Goole Trust was forced to shut down most of its network and cancel appointments and surgery at three hospitals after a virus infected its systems.

‘This latest incident, which seems to be having a much more widespread impact, could be an indiscriminate attack but this seems unlikely.

‘NHS England will no doubt be responding by shutting down infected systems to reduce the spread to back-up systems. We are currently seeing some organisations in the NHS taking proactive prevention measures by shutting down some systems. It is to be hoped that these systems can be brought back up and running as soon as possible.

‘All organisations are targets but by focusing on the NHS it’s clear that these attackers have no conscience. This once again highlights the importance of ensuring that IT vulnerability management, cyber risk staff awareness training, focussed systems and control mechanisms, and robust business continuity and incident response frameworks are kept up-to-date on a regular basis.’