IT Pro is supported by its audience. When you purchase through links on our site, we may earn an affiliate commission. Learn more

Critical NHS cyber security checks suspended due to coronavirus response

NHSX grants six-month extension to complete annual surveys as resources are channeled into handling the virus outbreak

A padlock against a golden background to represent cyber security

NHS Trusts have been granted a six-month delay to completing crucial cyber security resilience checks while resources are rechanneled into handling the coronavirus outbreak.

The health service's recently established digital transformation body NHSX has given organisations a reprieve to complete their annual cyber security checklists so it doesn’t interfere with the healthcare service's COVID-19 response plans.

Health and care organisations are expected to submit a data security and protection toolkit (DSPT) each year to ensure their systems and databases are hack-proof. It’s especially important given how frequent attacks against healthcare organisations have become

DSPTs were originally meant to be completed by the end of the month, but organisations now have until 30 September 2020 to complete their DSPT checklists. They are, however, welcome to complete these beforehand, at which point they’ll be awarded ‘Standards Met’ status as normal.

This has given organisations the space to commit additional resources to clinical response to coronavirus, and away from completing the checklist, if need-be.

“It is critically important that the NHS and Social Care remains resilient to cyber attacks during this period of COVID-19 response,” NHSX has told health and care organisations. 

“Whilst the DSPT submission deadline is being relaxed to account for COVID-19, the cyber security risk remains high. All organisations must continue to maintain their patching regimes.”

The cyber threat facing the NHS, and other organisations, has never been greater. Any attacks launched against Trusts over the next few months, in the mould of the infamous WannaCry attack of 2017 for instance, could result in significant patient harm with services and systems already stretched.

Hackers have already started exploiting the outbreak to further their malicious aims, according to Reuters, with attackers posing as the US Centre for Disease Control (CDC) in order to launch phishing attempts, for instance.

Two of the most widely-used trojans against healthcare organisations in 2019 were Emotet and TrickBot. All eyes will be on cyber attackers over the next few months, to determine whether or not they’ll continue to launch attacks against healthcare organisations struggling to grapple with the coronavirus outbreak. 

Featured Resources

Accelerating AI modernisation with data infrastructure

Generate business value from your AI initiatives

Free Download

Recommendations for managing AI risks

Integrate your external AI tool findings into your broader security programs

Free Download

Modernise your legacy databases in the cloud

An introduction to cloud databases

Free Download

Powering through to innovation

IT agility drive digital transformation

Free Download

Recommended

DHSC sets out ambitious targets for NHS App by 2023, beyond
Business strategy

DHSC sets out ambitious targets for NHS App by 2023, beyond

29 Jun 2022
A new age of asset management
Active Directory

A new age of asset management

1 Jun 2022
Google rescinds mandatory vaccination policy for US staff
Business operations

Google rescinds mandatory vaccination policy for US staff

24 Feb 2022
How coronavirus has accelerated the digital transformation of Britain's public sector
public sector

How coronavirus has accelerated the digital transformation of Britain's public sector

28 Jan 2022

Most Popular

Former Uber security chief to face fraud charges over hack coverup
data breaches

Former Uber security chief to face fraud charges over hack coverup

29 Jun 2022
Macmillan Publishers hit by apparent cyber attack as systems are forced offline
Security

Macmillan Publishers hit by apparent cyber attack as systems are forced offline

30 Jun 2022
FCC commissioner urges Apple and Google to remove TikTok from app stores
data protection

FCC commissioner urges Apple and Google to remove TikTok from app stores

29 Jun 2022