Infra
Cyber attacks on critical national infrastructure predicted to increase
Mark Edwards, chief information security officer at Digital Health and Care Wales (DHCW) has predicted that cyber attacks on critical national infrastructure are likely to increase due to global conflict.
Speaking at the NHS Confed Expo in Manchester on 12 June 2024, Edwards said that it was “widely acknowledged” that “the first thing that’s going happen is there’s going to be an increase in cyber attacks”.
He added that the attacks “won’t be to just ransom or extort money,” but will be aimed at causing disruption and bringing systems down.
His comments followed the ransomware attack on Synnovis, which has caused disruption to pathology systems in south east London and led to thousands of appointments being cancelled.
Edwards told the conference that it was important to be “not only mindful of our own security but supply chain security”.
He said that he had worked at Guy’s and St Thomas’ NHS Foundation Trust, which was affected by the attack on Synnovis, and “the security there internally is very good”, adding that the attack was on a third party supply chain.
Edwards warned that ransomware as a service is “extremely dangerous”, because it means that anyone with money can attack anything they want “even without any technical knowledge”.
Commenting on the Synnovis cyber attack, Edwards said that the attackers were thought to have purchased information about which suppliers were vulnerable and gone through them to find out which could affect critical national infrastructure in the health service.
“Then they bought the actual attack service from a company called Qilin which is Russian based. We believe the actors were Russian who performed the attack.
“All they’ve got to do is put the two of them together and watch the attack with no technical knowledge,” he said.
Edwards told the conference that ransomware as a service companies are “outrageous in the way they operate”.
“They’ve got a service desk, a help desk so you can follow up to say ‘I’ve got a problem with the service, can you help me?’
“They advertise on the dark web and on YouTube.
“It just makes it very, very easy for people who’ve got a gripe against someone or want to cause disruption to just launch an attack,” he said.
In the same session, Lena Samuels, chair of the Hampshire, Southampton and Isle of Wight Integrated Care Board and joint chair for North London Mental Health Partnership, said that the risks of supply chain vulnerabilities are “absolutely massive”.
“How do I on a risk register, capture what supply chain resilience looks like in terms of cyber protection?
“Who on my board is even going to ask that question and when are they even going to think about asking that question?” she asked.