Amid the coronavirus, healthcare organisations across the world are being battered by cyberattacks at a time when they can least afford to be compromised. This has seen the cybersecurity industry unleash a wave of support for healthcare, and for NHS Wales support has come from heavyweight Thales.
The cybersecurity company has provided its technical threat analysis service free of charge to the NHS Wales Informatics Services (NWIS) team until September, a decision that Russell Cameron, director of cyber, consulting and digital trust at Thales describes as a “no-brainer” for the company.
“In these highly unusual times, it is vital that we protect the systems our healthcare workers rely on,” he tells Verdict.
“As a company, we have been inspired by the work, resilience and fortitude of our NHS workers, not only in Wales, but across the board who are offering their skills to help those in need. In a lot of ways this is our way of saying thanks.”
How Thales is helping NHS Wales beef up its cybersecurity
The technical threat analysis service provided by Thales has already been supplied to healthcare organisations in France, and is designed to help organisations shield themselves against cyberattacks.
“By being able to access Thales’s technical threat analysis service, the NWIS team will be able to better protect vital systems from a surge in cyberattacks,” he says.
“Furthermore, the agreement means that those working remotely are also protected from outside threats, by now having free access to collaborative work solutions such as Citadel and Cryptobox.”
The initiative has also been welcomed by the Welsh government, which has previously partnered with Thales as part of an ongoing effort to build cybersecurity might in the country.
“Partnership working between the Welsh public sector and the private sector has never been so important as we all work together to slow the spread of coronavirus,” said Ken Skates, Minister for Economy, Transport and North Wales, when the initiative was announced.
“Wales is playing a leading role in the rapidly expanding cybersecurity sector and the Welsh Government’s support for this vital area of work is evident, not least in our collaboration with Thales on the National Digital Exploitation Centre – our £20m cyber centre in Ebbw Vale, which is working to deliver the next generation of cyber talent in Wales.
“The Welsh Government is calling on all businesses to respond to the huge challenges presented by this pandemic. I would like to thank Thales, and many companies like it, for their efforts which will help ease pressures on the NHS.”
Cyberattacks amid the coronavirus
As the world battles the coronavirus, hackers have seized on the opportunities it creates for them to infiltrate systems and steal data. Not only has there been a spate of attacks targeting healthcare organisations, but there has also been a dramatic rise in coronavirus-themed phishing attacks.
“Hackers are opportunistic, seeking out anything that could make them a financial or reputational gain, and Covid-19 is no exception,” says Cameron.
“The challenge for IT teams is no different in their approach to security on a day to day basis, but more so from a resource perspective, as hackers take advantage of potentially stretched teams.”
For healthcare organisations such as NHS Wales, however, it is particularly challenging at a time when any impact to systems could have damning consequences, and Cameron urges any that are struggling to get in touch with members of the industry for help.
“Healthcare leaders must be vigilant though and ensure cybersecurity remains a priority in order to enable the rest of the organisation to do its job,” he says.
“A cyberattack could bring down a system or enable hackers to steal sensitive information that could be being used in the fight against the virus. Those healthcare providers that do not have adequate resources should get in touch with the security industry for assistance and allow it to ease the pressure on the service.”
The changing cybersecurity landscape
As much as the coronavirus has created a new normal in the physical world, it has also shifted the cyberattack landscape along with it.
“This crisis has taught us what we already know, how important it is to secure our data and have the highest security systems integrated to curb vulnerabilities. The cyberattack landscape has changed in how the virus has evolved, with attacks first appearing in Asia, Central and Eastern Europe and finally in Western Europe,” says Cameron.
“It seems likely that France and Europe more broadly will observe a rise in the numbers of cyberattacks against their institutions and organisations – as prove by the recent attack on Paris hospitals.”
This has also been seen echoed in the switch to remote working.
“We have seen hackers attempting to take advantage of the increased remote working with the development of new Android apps allowing users to follow the propagation of the virus in the world. Most of these, such as CovidLock, are corrupt and contain ransomwares or ask for banking details,” he says.
“Some of the hackers are also launching phishing or spearfishing campaigns, using the Covid-19 as a lure in order to better infiltrate IT systems.
“Many domain names linked to the Covid-19 have been created in the past few weeks with more than 50% of these names possibly leading to the injection of malware. For example, hackers’ duplicate websites using interactive maps on the progress of the virus and add malware to them.
“As a company, Thales has looked to use its expertise in any way it can during the current crisis, and this is why we have offered our services to NHS Wales in this way.”