NHS facing more cyber-attacks since coronavirus outbreak

The health service has been targeted by rising numbers of cyber attacks since the outbreak of coronavirus, British spies say.

Jeremy Fleming, the head of GCHQ, said hackers had tried to access sensitive information about the UK’s response to the pandemic – including vaccine research – by aiming for the “low-hanging fruit” of human error and poor security practices like the use of weak passwords.

The intruders could be individual criminals or nation states, he said. GCHQ’s cybersecurity wing, the National Cyber Security Centre (NCSC), is helping the NHS deal with the onslaught.

Mr Fleming told a virtual event of the Cheltenham Science Festival on Thursday: “The reality is that we are seeing attacks on the health infrastructure. We do know that, whether it’s states or criminals, they are going after things which are sensitive to us in this regard.

“So, it’s a high priority for us to protect the health sector, protect, particularly, the race to acquire a vaccine, and there has been quite a lot of publicity around all of that.”

Mr Fleming added: “They’re not using particularly different techniques to do it, they’re still looking for pretty basic vulnerabilities in our cybersecurity, they’ll still try and use lures to get people to click on the wrong thing, or will look for vulnerabilities where people aren’t backing up properly, or where they’ve got basic passwords and so on.

“There is a lot of low-hanging fruit, still, in cybersecurity. If we all did some of these basic things, then even quite sophisticated state actors would find it hard to come after us.”

In 2018 the NHS pledged to spends tens of millions of pounds upgrading its IT security after the Wannacry ransomware tore through its creaking digital infrastructure the year before. At the time, much of the health service had still been using the ancient Windows XP operating system, though lessons have been learned since then.

The NHS was very much alive to the problem, The Independent reported in April, with bosses working specifically to mitigate the impact of Covid-19 on sensitive systems.

Mr Fleming’s warning came hours after Labour raised concerns about the threat of “vaccine nationalism”. International bodies including the World Health Organisation have called on individual governments to make sure they behave equitably in securing doses of any eventual vaccine, after deals were signed with leading pharma companies conducting research into inoculations.

In his address Mr Fleming also revealed that GCHQ had also offered cybersecurity support for the NHS contact-tracing app, which remains in development even though the government’s track and trace programme has begun.

“We leant in to advise and help around the creation of the NHS app around Covid, and that’s to make sure that all of our information is as secure as possible, and that the architecture behind the system is really cutting-edge and is protecting the things that we need to do, so that the decisions taken from it are as effective as possible,” Mr Fleming said.

Questions have previously been raised about the security of the app, but the spy chief claimed that “privacy, security, data protection [have] been absolutely at the heart of our approach” to its development.

“It has been built in as a fundamental principle, the way in which the app operates, the way in which, with the user’s authority, it shares data so that clinical decisions can be taken, the way in which, long term, the interests of every individual in this country who downloads the app and the data that they provide is treated long-term has been treated so seriously from the off, that I would like to provide significant reassurance on that.

“I think it’s also equally important that we continue to be as transparent as we can be about that as a nation,” he added.

In a further warning, Mr Fleming said that criminals had seized on the coronavirus crisis as a means of tricking people into giving up personal information or money – amid concerns that fraudsters could take advantage of test and trace to spoof government communications and target vulnerable people.

“We’ve been helping government and helping policing and the National Crime Agency in particular, cope with some of the spikes we’ve seen in serious and organised crime,” he said. ”As it is the case that hostile states can seek to do us harm, cybercriminals have spotted the opportunity from the pandemic,” he said.