A significant number of NHS Trusts in England have been hit by ransomware in the past year, according to data from a freedom of information (FOI) request. The FOI request was made by global risk mitigation and cyber security expert NCC Group. Sixty of 155 Trusts responded but 31 of these withheld information with many citing patient confidentialities. However, 28 confirmed they had indeed been a victim of ransomware.

Ransomware is a type of malware that restricts access to systems in some way, often by encrypting files and then demanding a ransom to obtain access. With NHS Trusts holding a range of sensitive data on patients and employees, an attack of this nature locking staff out of patient records could cause serious disruption to services and ultimately impact patient care. Many ransomware attacks are delivered via phishing emails. These are often well crafted and disguised to resemble something non-malicious to fool the recipient. Phishing emails often take the form of parcel delivery notifications, imaginary customer complaints or fake official letters.

Ollie Whitehouse, technical director at NCC Group said: “The damage that a successful ransomware attack can cause makes these findings not simply an issue for a Trust’s IT team, but for its board of directors too. Paying the ransom – which isn’t something we would advise – can cost significant sums of money, yet losing patient data would be a nightmare scenario for an NHS Trust. In the past the ransomware writers were sometimes quite careless and there was often a way to retrieve files. However, they have improved their capabilities and data retrieval is usually no longer an option. It makes preparation even more important.”