NHS Digital announces new cyber attack messaging system

WannaCry malware

NHS Digital has established a new system to send cyber security updates across the NHS.

Following a successful pilot, NHS Digital has announced it will send CareCERT alerts and updates by short message service (SMS) alerts during major security incidents.

It will use text messaging to alert staff to ‘high severity security incidents’ and it will then send further messages which directs staff to NHS Digital’s external website for the most up to date information.

According to NHS Digital the new CareCERT system will work closely with the National Cyber Security Centre (NCSC) to provide ‘expert guidance’.

The messages will be sent using the free government alert service, GOV.UK Notify and can be sent to NHS organisations across the country without the need to use NHS Mail or any other national applications.

Toby Griffiths, innovation and development lead at the Data Security Centre, said: “Finding a secure way to communicate nationally with NHS organisations during a major incident was a priority for us following the WannaCry incident in May.

“SMS was identified as an appropriate solution following feedback from users affected by WannaCry, as it offers an additional level of resilience beyond the standard channels used for sharing CareCERT updates.’

“CareCERT is the official source of advice, guidance and national incident response for data security in health and care.’

Wannacry is malicious software that crippled the NHS as part of an international cyber attack in May 2017.

Last updated
The Pharmaceutical Journal, PJ, December 2017, Vol 299, No 7908;299(7908):DOI:10.1211/PJ.2017.20204022

You may also be interested in