Nigeria Healthcare Must Learn From UK's NHS Cyberattack - Expert

A cyber security expert, Benedict Joseph Oluwaseun, has said a recent ransomware attack on the UK's National Health Service (NHS) serves as a stark warning for Nigeria's developing healthcare sector.

Daily Trust reports that the attack, which crippled services across seven NHS hospitals, highlights the critical need for robust cybersecurity measures to protect sensitive patient data.

The cyberattack, believed to have begun on June 3rd, 2024, targeted London NHS hospitals, significantly impacting blood transfusion services and leading to widespread appointment cancellations.

Alarmingly, the attack went beyond service disruption. Hackers stole a massive amount of sensitive patient data, estimated at over 300 million interactions, including potentially life-altering information like HIV and cancer test results.

This stolen data, amounting to nearly 400GB, is now reportedly circulating online on dark web marketplaces and Telegram channels.

In a statement on Monday, Oluwaseun said while Nigeria's healthcare system may not yet operate at the same technological level as the UK, this incident presents invaluable lessons.

The expert said by prioritizing cybersecurity initiatives, Nigerian healthcare institutions can significantly enhance their defenses against similar threats.

"Could This Attack Have Been Prevented? Yes. Several proactive measures could have mitigated the impact of the NHS attack. These include:

"Cybersecurity Training: Educating healthcare management and staff on cybersecurity fundamentals and fostering a culture of cyber hygiene is crucial.

"Regular training programs can equip staff to identify suspicious activity and prevent falling victim to phishing attempts or malware.

"Software Updates: Implementing a system for timely software updates across all medical devices and computer systems is essential. Outdated software contains vulnerabilities that hackers can exploit.

"Access Control Management: Limiting access to sensitive data based on job roles and responsibilities helps prevent unauthorized individuals from viewing or manipulating patient information.

"Advanced Threat Detection: Investing in advanced cybersecurity solutions that can identify and isolate suspicious activity before it escalates into a full-blown attack is critical.

"Building Human Firewalls: Creating a culture of cybersecurity awareness among staff empowers them to be vigilant and report any suspicious activity," the statement read in part.

AllAfrica publishes around 600 reports a day from more than 110 news organizations and over 500 other institutions and individuals, representing a diversity of positions on every topic. We publish news and views ranging from vigorous opponents of governments to government publications and spokespersons. Publishers named above each report are responsible for their own content, which AllAfrica does not have the legal right to edit or correct.

Articles and commentaries that identify allAfrica.com as the publisher are produced or commissioned by AllAfrica. To address comments or complaints, please Contact us.