Stay Secure: Key Takeaways from Med Tech 2024 & NHS Security Updates in Our June Newsletter

Periculo @ Med Tech 2024

Our Recent Trip to the Med Tech Expo at the NEC in Birmingham?

Meeting so many innovative organisations presenting their cutting-edge medical devices provided us with an excellent opportunity to learn about the future of medical technology and how we can help safeguard these devices and organisations.?

Exhibiting Periculo at the expo allowed us to emphasise the critical importance of cybersecurity in the medical sector. We had insightful conversations about how our CREST Pen Testing services, Cyber Essentials, and Cyber Essentials Plus can safeguard medical technology. We also discussed the recent changes to the NHS Data Security and Protection Toolkit (DSPT) and offered free vulnerability scans to many attendees.

A standout moment was demoing our flagship security tool, Harpe. It was a big hit, showing how straightforward achieving compliance with standards like ISO 27001 can be.

Thank you to everyone who stopped by our booth. We look forward to continuing these important conversations and helping more companies become secure.

Spotlight: NHS Cyber Attack

The Real Impact on NHS Hospitals After the Synnovis Ransomware Attack

Synnovis, a pathology laboratory that processes blood tests on behalf of several NHS organisations, fell victim to a ransomware attack on 3rd June. The hacker group known as Qilin, formed by Russian-speaking hackers, is responsible for the incident, which led to over 380GB of data being published. Patient information and financial records were among the data exposed by these hackers. The IT systems of Synnovis were hacked by the attackers, who then went on to encrypt files and demanded $50 million worth of ransom for their release.

Which Hospitals Were Impacted

Guy's, St Thomas', and King's College Hospital in London were the main hospitals impacted by the attack.

How did the Attack Impact Medical Services?

Below is a breakdown of services and procedures affected during the week of the attack:

Planned Care (day case and inpatient treatments)

• Across the hospitals:814 elective procedures postponed97 of these were cancer treatments

Transplant Impacts

• 18 organs diverted for use by other Trusts
• The majority of diverted organs have been kidneys

Maternity

• 5 planned C-sections postponed/rescheduled

Outpatient Appointments

• 736 hospital outpatient appointments postponed
• 125 community outpatient appointments postponed

Were Other Hospitals Impacted?

Synnovis supplies specialist testing to other hospitals around the UK as well as Guy's and St Thomas, King's College Hospital NHS Foundation Trust, and South London and Maudsley NHS Foundation Trust are still dealing with the incident also. Oxleas NHS Foundation Trust, Lewisham and Greenwich NHS Trust, Bromley Healthcare, and primary care services in South East London are all heavily impacted.

The Synnovis ransomware attack has had a huge impact on the NHS, causing significant disruptions to its services. The ongoing response highlights the urgent need for robust cybersecurity measures to protect vital healthcare infrastructure and data, ensuring the delivery of essential medical services.

Security Tip: Strengthening Supply Chain Security

Supply chain attacks are rising, as seen in the recent ransomware attack on Synnovis, affecting major NHS hospitals and disrupting services. This highlights the need for robust supply chain security.

Key Strategies:

1. Evaluate Vendors: Regularly assess the cybersecurity practices of all third-party vendors.
2. Set Security Requirements: Include stringent security protocols in vendor contracts.
3. Monitor Continuously: Use automated tools to keep an eye on vendor systems.
4. Have an Incident Response Plan: Be prepared with a plan for managing supply chain attacks.
5. Apply Zero Trust: Verify every access request and use multi-factor authentication.
6. Conduct Regular Audits and Pen Tests: Perform frequent security audits and penetration tests.

By implementing these strategies, you can protect your organisation from supply chain attacks and ensure operational resilience.

Find out how Periculo's Supplier Assurance services can help.

Cybersecurity Contracting Services

A Trusted Team of Contractors

Our expertise covers a wide range of roles to meet your specific security needs. Here are some key positions we offer:

Information Security Managers Information Security Consultants Information Security Architects Information Security Engineers Penetration testers Medical Device Security Consultants

Our professionals are dedicated to protecting your digital assets so you can focus on your core business. Whether you need short-term help or long-term strategies, Periculo is your trusted partner in cybersecurity. Please contact us to find out more.

Did You Know?

Did you know that the first computer virus was created as a joke? In 1986, two brothers, Basit and Amjad Farooq Alvi, from Pakistan, created the "Brain" virus. They designed it to protect their medical software from piracy. The virus would replace the boot sector of a floppy disk and display a message with their names, addresses, and phone numbers, asking the user to contact them if their computer was infected. While their intentions weren't to cause harm, the Brain virus ended up spreading worldwide, marking the beginning of the computer virus era.

The Most Simple Security Management System

Harpe is the best way to manage your ISMS. Harpe is an instant security management system that enables you to meet all the requirements of ISO 27001.

Book a demo

Visit Harpe