The UK National Health Service (NHS, London) has committed £20 million to a central cybersecurity unit that will use ethical hackers to probe for weaknesses in the health service’s computer systems.
The newly formed Security Operations Centre (SOC) will monitor UK national health and care services, including a monitoring service that analyzes threats and advises the appropriate organizations and individuals on how to prepare for cyber-attacks. The SOC will also carry out on-site security assessments for NHS organizations and provide specialist support to identify potential weaknesses and deal swiftly with incidents. The ethical hacking aspect will include attempted hacking of NHS systems, starting with the central NHS Digital infrastructure and expanding to individual hospitals upon request.
The cybersecurity unit was formed in the wake of the WannaCry ransomware attack, which in May 2017 hit medical devices and other connected technologies at one-third of NHS hospitals in England, displaying a message informing the user that their files had been encrypted and demanding USD 300 in bitcoin within three days, or USD 600 within seven days. Up to 70,000 devices, including computers, MRI scanners, blood-storage refrigerators, and theatre equipment may have been affected. The NHS was criticized at the time for maintaining thousands of computers in 42 separate NHS trusts running on Windows XP, and for failing to mount a coherent response to WannaCry.
“The SOC will enhance NHS Digital’s current data security services that support the health and care system in protecting sensitive patient information,” said Dan Taylor, head of the NHS Digital Security Centre. “The partnership will provide access to extra specialist resources during peak periods and enable the team to proactively monitor the web for security threats and emerging vulnerabilities. It will also allow us to improve our current capabilities in ethical hacking, vulnerability testing, and the forensic analysis of malicious software.”
Ethical hackers (also known as white hats) find and exploit vulnerabilities and weaknesses in various systems, with the owner’s authorization, so that they can be fixed before a malicious actor finds them. An ethical hacker’s role is similar to that of a penetration tester, but it involves broader duties, such as employing social engineering techniques to gain access to crucial information or playing on people’s kindness to trick employees into parting with their passwords. An ethical hacker will attempt to evade intrusion detection systems, intrusion prevention systems, honeypots, and firewalls. An ethical hacker attempts the same types of attacks a malicious hacker would try, such as sniffing networks, bypassing and cracking wireless encryption, and hijacking web servers and web applications.