NHS Digital and Microsoft sign cyber-security deal
NHS Digital has signed a new agreement with Microsoft in an attempt to shore up the defences of NHS computers against malicious software.
The agreement, which runs until June 2018, will provide all UK NHS organisations with centralised security software to help detect malicious cyber attacks and stop them in their tracks.
Also included will be patches and updates for NHS machines still running Windows XP – an operating system Microsft stopped supporting in early 2014.
Reportedly, around 4.7% of NHS machines still use the software although that number was far higher at the beginning of the year.
The document says that Windows XP support will be withdrawn from the entire NHS by 2018 and those areas of the NHS still using unsupported systems should be actively managing them.
The number of systems still using XP became a key statistic during May's WannaCry cyber attack that affected 47 (20% of) NHS Trusts.
The malware virus hijacked NHS computers and demanded a payment of £230 to unlock those affected. If users didn't comply within a certain amount of time, Trust data would be deleted.
Initially, the virus was thought to be the result of a phishing attack. But that option was swiftly ruled out by an expert team deployed to crack the case.
Instead, the attack was attributed to the Lazarus Group – a hacker group blamed for a series of cyber crimes in the past 10 years.
NHS Trusts not downloading the latest security patch, which supposedly fixed the issue the WannaCry virus exploited, is thought to be the main reason behind the attack's success.
Areas of the NHS have steadily been embracing digital technologies in recent months, including the Oxford University Hospitals NHS Foundation Trust which, in partnership with the University of Oxford, sealed a deal with Drayson Technologies to trial three digital solutions to provide more efficient and cheaper care.