The National Cyber Security Centre (NCSC) has provided cyber defence services to more than 235 NHS organisations in recent months, following the health secretary ordering them to work with the GCHQ unit on security.
In its annual report NCSC said that it has identified and shared more than 160 high risk vulnerabilities with healthcare providers, supported more than 1 million NHS internet protocol addresses and carried out threat-hunting on 1.4 million pieces of computer hardware.
NCSC said that work linked to Covid-19 has dominated its activity over the last few months. “More than 200 of the 723 incidents the NCSC handled this year related to coronavirus and we have deployed experts to support the health sector, including NHS Trusts, through cyber incidents they have faced,” writes Lindy Cameron, who took over as the centre’s chief executive last month, using figures covering the 12 months ending in August.
Its support for NHS organisations includes passing on information on threats, with 51,910 indicators of compromise (IoC) shared by the end of August. NCSC achieved this by using the IoC Machine, an automated system set up last year which has allowed it to cut the time it takes to communicate threats from hours to seconds.
Minister's instruction
On 3 April, health secretary Matt Hancock directed NHS and public health organisations in England to allow GCHQ to check the security of network and information systems “which may, if its security is impaired, affect (directly or indirectly) the ability of the NHS or a public health body to provide services to address coronavirus and coronavirus disease”. The direction ends on 31 December 2020.
The centre has also been involved in specific Covid-19 work, including the building of seven Nightingale field hospitals and the UK’s contact tracing apps. NCSC provided the chief information security officer for England and Wales’ NHS Covid-19 app, previously named as Stuart H under the centre’s convention of not releasing surnames for most staff.
It also sought feedback from external cyber security experts, ran threat modelling workshops and provided technical advice to the governments in Scotland and Northern Ireland on their equivalent apps.
Aside from healthcare, NCSC highlighted its work supporting local authorities, including increased engagement on smart cities activity.
“A critical aspect of our Smart Place programme is maintaining trust with local residents, businesses and stakeholders as well as maintaining the reputation of the council, so working alongside the NCSC is critical in establishing confidence,” writes Graham Farrant, chief executive of Bournemouth, Christchurch and Poole Council, in the report.
It also notes the support provided by NCSC to Redcar and Cleveland Council following a cyber attack in February.
Image from iStock