The NHS has revealed that it is blocking millions of emails a year, ranging from those sent from suspicious addresses through to spam and messages stopped by anti-virus software.
Responding to a Freedom of Information (FoI) Act request, NHS Digital said that in the past three years it had blocked a total of 11.4 million suspicious emails from being delivered to NHS email addresses. Of those, it said over six million were blocked because of the reputation of the IP address or domain they were sent from. Another 3.6 million were blocked by anti-spam systems and 852,000 were stopped by anti-virus software.
NHS Digital said it did not hold information on financial losses to the public as a result of these potentially malicious emails.
Andy Heather, VP at Centrify, the security company that submitted the FoI request, said that hackers view the NHS as a top target, with growing volumes of email attacks deliberately designed to trick health-service workers into handing over confidential data.
Rob Shaw, Deputy Chief Executive of NHS Digital, said: "NHSmail is one of the largest corporate email platforms in the world. Every month there are around 5.5 billion emails sent across more than 1.3 million accounts. The number of emails blocked as a proportion of the total number received from external sources is within the expected range for an organisation of this size and demonstrates the effectiveness of the multiple layers of security we have put in place to protect against phishing and scam emails."
The NHS has been warned that – despite high-profile incidents such as the WannaCry ransomware attack in 2017, which caused £92 million in damage – it is still not paying enough attention to cybersecurity. A report by Imperial College London's Institute of Global Health Innovation found that ageing computer systems, insufficient investment, and a lack of security skills are placing hospitals at risk; however, cash for IT innovations and security projects remains limited.