The British Institute of Radiology (BIR) and teleradiology firm Telemedicine Clinic (TMC) have both released statements on the recent U.K. cyberattack, stressing the benefits of taking swift action in such a crisis.
On 12 May, a massive cyberattack crippled part of the National Health Service (NHS) in the U.K. Ransomware prevented staff from accessing patient data.
"Whilst this attack affected each hospital individually, in many cases those who acted quickly, closing nonacute services to concentrate resources and swiftly disconnecting modalities from infected networks, suffered the least damage," said Alexander Peck, communications lead for the BIR Clinical Intelligence and Informatics special interest group and chartered IT professional. "An approach of isolation meant minimal short-term disruption whilst defenses were put in place to detect, contain, and eliminate the malware."
The big question is why was the NHS so vulnerable? Peck said it is simply not possible to constantly change or update software in the environments these systems operate in.
"High-quality digital diagnostic equipment is now fully integrated into the hospital environment and is a key part of the clinical decision-making process," he noted. "As a result, the discussion on future prevention strategies is a top priority for PACS teams and IT departments."
In the wake of the attack, TMC provided uninterrupted service; however, the disruption clearly exposed the weaknesses in the system and highlighted the vulnerability of healthcare providers and their ability to manage potentially crippling crises of this nature, the firm stated in a release.
"In the new world, these sorts of attacks are going to become increasingly frequent and the technology that we use to save lives needs to be protected. We're really pleased that Telemedicine Clinic's systems were robust enough to survive this attack with minimal impact, but the same cannot be said about all teleradiology providers," said Alexander Boehmcker, chief executive of TMC.
Teleradiology firms must continue to be vigilant because this is unlikely to be the last attack of its kind, he added.
"Providers like us will need to make sure that we constantly stay ahead of the criminals and healthcare service clients should, rightly, hold us to account to the highest levels of security," he said.