NHS remains ‘highly vulnerable’ to future threats, says report

Health secretary, Jeremy Hunt, has been asked to take “urgent” action to prevent another cyber attack on the NHS after a report revealed a string of health services failing in digital security.

NHS Digital’s head of security operations, Chris Flynn, carried out the report, highlighting a range of security failings, such as weak passwords and poorly protected data, stating there is a “false sense of cyber security” among staff.

Flynn also noted: “Many NHS trusts, GP practices and clinical commissioning groups have good security policies but are not being properly implemented.”

The report found fears of hackers crippling the NHS after the WannaCry attack hit 47 health trusts in May.

The report also revealed that an array of NHS firms have not yet installed “vital security updates”; raising concerns that individual hospitals and practices are failing to put in place key protections against another cyber attack.

Labour said Hunt must “wake up” to the threat of further cyber attacks on the NHS, according to The Independent.

Justin Madders MP, shadow health minister, told The Independent: “This damning briefing should be a wake-up call to the health secretary that cyber security remains a matter of immediate urgency and must be at the heart of government planning.

“It is frankly shocking that after the worst cyber security attack in the NHS’s history our health service still remains highly vulnerable to future threats.

“The government must immediately act in the interests of patient safety to ensure a similar attack on the NHS never happens again.”

The NHS has agreed a deal with Microsoft for custom-built software to detect cyber threats.

Written by Leah Alger