In the UK, the National Health Service (NHS) is turning to ethical hackers to protect itself from malicious attacks. 20 million pounds has been allocated to improve cyber-security for all trusts within the NHS, through the creation of the Security Operations Centre.

In May, services the NHS provide were undermined by ransomware known as WannaCry. Designed to exploit a flaw in Microsoft software, WannaCry locks away files on computer systems before demanding a ransom for them to be released. The WannaCry attack was eventually stopped by Twitter user @MalwareTechBlog, a 22-year-old from England who works for Kryptos Logic (a cyber-security company) and who inadvertently activated a kill switch in the software. Although, WannaCry was stopped from doing any more harm in the UK, it went on to affect many more organisations in Europe and Asia.

Hospitals had previously been warned of vulnerabilities in their computer infrastructure a year before the attack, but now the government is investing significant money to ensure that cyber-security is maintained. Penetration testing by ethical hackers will take place across 250 NHS Trusts. However, Alan Woodward from the University of Surrey, speaking in New Scientist, said that there are still going to be windows of opportunity for attacks on the NHS and that NHS managers shouldn’t believe cyber-security is something they can outsource. He says, “I fear it could lead to some thinking that unless they have been notified of a problem, none exists.”

AJ Foote

Looking for that perfect career opportunity in the UK, or a client looking to address your recruitment needs, we want to hear from you.