US Edition
Labour launches cyber security crackdown on Russia and China after NHS hack
Sources suggest King’s Speech will include commitment to strengthening rules to prevent rogue actors harming public services
New measures to stop Russian and Chinese cyber attacks are expected to be introduced by the Government following last month’s devastating NHS hack.
Whitehall sources suggested that the King’s Speech on Wednesday will include a commitment to strengthening the rules to prevent rogue actors harming public services.
Providers of central services, such as the NHS and transport networks, are already subject to a safety regime to reduce the risk of digital attacks. However, the rules for third-party contractors are currently less strict.
Last month, two NHS hospital trusts in London were hacked, causing the postponement of more than 800 planned operations and 700 outpatient appointments. The patients disrupted included those in need of cancer treatment and organ transplants.
The hack, thought to be the work of Qilin, a Russian cyber criminal gang. It took place via a ransomware attack on computers run by Synnovis, which provides pathology services to hospitals and GP surgeries in the capital.
The new Government is expected to mandate that all the providers of essential infrastructure understand and protect their supply chains from attack. The measures may also include improving the management of data on cyber attacks to learn lessons from previous hacks.
A source at the Department of Health and Social Care said: “It is painfully clear how vulnerable parts of the health service are to attack. The attacks on King’s and Guy’s and St Thomas’ caused huge chaos and delays to treatment. These attackers saw a weak link in the NHS supply line and ruthlessly exploited it.
“This Government isn’t going to stand by and let malign actors target our NHS and patients. Digital suppliers need to have the same protections as the health service itself. You’re only as strong as the weakest link in the chain.”
Data published by the NHS in London showed that nearly 100 cancer treatments had to be postponed in a six-day period because of the technical problems arising from the recent hack.
On Friday, The Telegraph reported that a 36-year-old mother of two was forced to delay reconstructive surgery following breast cancer. Hanna Groothuizen said the delay meant she was forced to choose between having her cancer removed but losing her breast, or delaying surgery altogether.
Synnovis has apologised for the disruption caused and said it has worked with the NHS to minimise the impact on patients.
Previous estimates have put the cost to the UK economy from cyber crime at £27 billion per year.