A global cyber shield is needed to avert chaos

If Russian hackers can access hundreds of millions of private health details about Britons, they can do similar damage to globally important financial infrastructure. We need a digital force field.

A global cyber shield is needed to avert chaos

A major cyber-attack on one of the most sensitive and prestigious institutions in the UK has shown how much damage hackers can do after 300 million private and confidential health records were accessed. The attack, attributed to Russia, has implications far beyond the UK and will likely chill the blood of major organisations around the world.

The UK’s public National Health Service (NHS) was targeted via a private blood testing firm called Synnovis. The hack accessed hundreds of millions of health records.

Secretly HIV positive? A cancer diagnosis being kept quiet? An unknown alcohol addiction? All that data was stolen by a Russian group of cybercriminals known as Qilin.

The Guardian reported that at least seven hospitals managed by two NHS trusts were affected. After a $50mn ransom demand was refused, Qilin published the records on the dark web. It included patients’ names, their addresses, and their ailments. Delays over access to vital information needed for procedures resulted in the cancellation of 1,134 scheduled operations for cancer and organ transplant patients and the postponement of 2,194 outpatient appointments within days of the attack.

The repercussions are far from over. More now need to be retested. Some samples have been lost. Others no longer suitable for processing. Medics are scrambling, because patients’ lives may be at risk. The state-owned NHS has suffered reputational damage, but such are its burdens that this will simply be another cut. The service is under severe financial pressure; top doctors and nurses are leaving, and staff vacancy levels are up to 20%.

Pointing to Russia

By refusing to pay the ransom demand, Britain has set a precedent for the cyber gangs, many of which operate out of Russia or the former Soviet states. British authorities have thwarted attacks by the Russian group LockBit, the world’s largest ransomware gang, with help from the US Federal Bureau of Investigation (FBI), Europol, and other international police agencies.

The UK's National Health Service was targeted via a private blood testing firm. The hack accessed hundreds of millions of health records. 

Yet Russian hacks on Western victims are symptomatic of wider world trends. Russia has already said it will strike British military sites and equipment in Ukraine or beyond if Ukraine strikes Russian territory using UK-supplied weapons.

Could this cyber war open up a new front? Is this the start of a new Cold (Cyber) War? As the G7 group of developed nations discussed Moscow's invasion of Ukraine earlier this month, this will have been a factor.

In the event, they decided to use the interest accrued on Russia's frozen assets (around $50bn) to help pay for Kyiv's war effort. Russia's President Vladimir Putin called it "theft" and said there would be a response. Russia's Foreign Ministry spokeswoman, Maria Zakharova, and the head of the Russian Central Bank, Elvira Nabiullina, have also warned of a reaction, the latter saying it would send a signal to other central banks and undermine the global financial system.

Simulating the risks

What next for Russia's offensive cyber arm? The potential for further hacks elsewhere has led to urgent cybersecurity reviews around the world. But what if Russia went further? What if it declared cyber war on Europe?

Banks, financial institutions, and stock exchanges will fear that they may be the next victim. Their business models are largely based on trust in their systems' security. Furthermore, foreign governments engage in "cyber espionage", targeting sensitive data related to wider financial, commercial, and economic matters. The intended result could be a policy change. Britain and others recognise the danger and are on alert.

In November 2015, American and British cyber defence agencies began joint training called Operation Resilient Shield. In this, public and private cybersecurity researchers work alongside big banks, investors, and companies to simulate worst-case cyber scenarios, such as large-scale coordinated attacks on the financial sectors of big Western economies.

The UK's Bank of England and its Financial Conduct Authority took part, as did the White House National Security Council, the US Treasury Department, the US Secret Service, the FBI, the Federal Reserve, the Federal Reserve Bank of New York, the Federal Reserve Bank of Chicago, and the entire US intelligence community.

Global solution needed

That is the kind of near-apocalyptic attack that the West believes could happen, prompting international cyber cooperation in an era in which financial infrastructures are technologically intertwined. The recent operation is the latest iteration. Similar simulations have taken place since 2013. It assumes that a major cyber-attack is a matter of when—not if.

Artificial Intelligence (AI) may be enlisted to help prevent a large-scale cyber-attack on the world's banking and financial systems or critical infrastructure systems such as air or rail travel, electricity grids, or water systems. Each could be paralysed or destroyed.

AI is as likely to help as it is to hinder, however. To keep the world safe, global and sophisticated defences are needed. A cyber dome to save to world?

font change