NHSmail registers 11 million blocked attacks in three years

Data released through a Freedom of Information request has revealed that NHS email systems have been subjected to some 11 million attacks over the past three years.

According to the information released by NHS Digital, the NHSmail system blocked a total of 11.35 million email attacks between its 2016-2019 financial years.

The most common attacks were those categorised as IP or domain reputation attacks, of which 6.12m were recorded.

Anti-spam systems registered 3.62m incidents during this period, while anti-virus systems recorded 852,000 incidents.

The Freedom of Information (FOI) request was put in by Delinea, a threat analytics software firm based in the US.

The company said the data, which comes a little over two years since the WannaCry attack in 2017, “paints a disturbing picture of the threats posed to the NHSmail infrastructure system”.

Andy Heather, vice president of Centrify, added: “It’s clear that hackers view the NHS as a top target with growing volumes of email attacks deliberately designed to fool doctors, nurses and other health service workers into handing over confidential data.

“Increasingly we’re seeing cyber-criminals gaining access to private information like patient records using legitimate log-in details which have been stolen or sold online.

“All too often this means that malicious activity remains undetected before it’s too late, so it’s vital that hospitals adopt a zero-trust approach to all user activity, ensuring every employee is verified and they are who they say they are.”

NHSmail is used by more than half a million staff on a daily basis in England and Scotland and is available for use by all organisations that are commissioned to deliver publicly funded health and social care.

The worldwide ransomware attack in 2017 targeted computers running the Microsoft Windows operating system, affecting at least 80 of the 236 trusts across England and leaving the NHS with a £92m IT bill.

A white paper written by researchers from Imperial College London’s Institute of Global Health Innovation and recently presented to the House of Lords said fresh investment in NHS cyber security was “urgently needed” to protect patient safety.