Health July 25, 2018
Cyber security: “The stakes have never been higher” says Director of Technology at Darktrace

By Daniel Male - Accountable Care Journal

On the 70th anniversary of the NHS, Accountable Care Journal Editor, Dan Male, talks with Director of Technology, Andrew Tsonchev at Darktrace about the rapidly transforming cyber security landscape.

Networks across healthcare services are like digital jungles. The attack surface of our clinics and hospitals is expanding across the virtual to the physical. With MRI scanners and new biotech innovations being connected to the internet by the day, as well as clinical data, including prescription and blood type data, being uploaded to cloud platforms, the cyber security landscape in the healthcare sector is transforming rapidly. Protecting the critical medical information of millions of UK citizens and medical systems has never been more challenging.

There are broadly two types of attacks facing the NHS and most organisations around the world: the fast-moving on the one hand, and the low and slow on the other. Last year’s WannaCry was a clear example of the first kind of attack that caused widespread chaos across the NHS. WannaCry was a self-propagating type of ransomware that infiltrated 20,000 computer systems in over 150 countries. Significantly, the cyber-attack spread like wildfire, infecting networks in seconds, jumping from machine to machine, encrypting files and shutting down entire systems in minutes. As we saw with this attack, modern threat actors are able to cause mass damage and disruption to services in record speed, leaving vulnerable people at risk.

As we saw recently with Singaporean healthcare group SingHealth, healthcare services – as fundamental parts of national critical infrastructure- are also subject to deliberate and targeted attacks. These attacks are much slower as the perpetrators take their time to identify blind spots in the network and silently bypass traditional defences in order to lay low and snoop around networks for weeks, sometimes even months.

Now a matter of ‘when, not if, a breach will occur’, the stakes have never been higher when it comes to securing healthcare organisations. As the digitisation of the NHS shows no signs of slowing down, nor should it, we have to accept fast-moving and sophisticated cyber-attacks on critical services as part of our reality. However, there is a silver lining. As attacks have increased in complexity and stealth, the standard of cyber defence is keeping pace with the use of artificial intelligence. We are seeing more and more forward-thinking NHS organisations deploying Darktrace’s AI at the heart of their networks.

Darktrace’s Enterprise Immune System mimics the intelligence of the human immune system. Just as our human bodies protect us from the majority of dangerous viruses and pathogens, some dangers are still able to enter our bodies. The same applies to cyber security – some threats will get in. Darktrace forms a ‘pattern of life’ of any network, by modelling the interactions between every device and user on the network, in real time and differentiating between ‘normal’ and ‘abnormal’ behaviour. By spotting the subtly unusual, the technology can detect threats in their earliest stages and even deliver digital antibodies to quarantine and stop threats from doing damage.

This allows networks to stay protected in wake of the most sophisticated attacks – whether they are noisy and swift, or stealthy and silent. In either case, the ability for AI defences to take proportionate actions on the behalf of humans to thwart cyber-attacks is going to be a gamechanger for NHS security teams who simply cannot react in time. Importantly, these actions are taken so precisely that the rest of the organisation can keep ticking over, allowing doctors and nurses to focus on consistently providing high-quality care knowing that their patients’ clinical data is protected.

For more information on Darktrace, visit their website here