NHS Grampian faces outbreak of cyber attacks

Hackers are said to have infiltrated more than 100 banks in 30 countries to steal millions

NHS Grampian logged the largest number of cyber attacks against Scotland’s health boards in the past three years.

The health authority admitted more than 2,250 incidents took place in the past year but said its firewalls had not been breached at any time.

Despite this, the board admitted the attacks were “constant”.

The disclosure, made under freedom of information legislation, is likely to raise fresh concern over the security of patients’ records.

However, the Scottish government insists no “significant” breaches have been reported by health boards.

NHS Orkney revealed its security was breached last August by a hacker who used a virus to encrypt a number of internal files.

The board refused the hacker’s demand for bitcoins in return for an encryption key, and instead restored the files from a backup.

The health board said security was reviewed following the attack.

It has been estimated that cyber crime costs Scottish businesses £5billion per year and that the NHS will need to invest in better security systems and more IT staff to tackle the browing risk of breaches.

Al Berman, a US cyber security expert and president of the Disaster Recovery Institute, a not for profit organisation, said the healthcare industry is struggling to defend itself against cyber attacks.

He said: “The major banks have invested hundreds of millions of pounds on cyber security yet breaches still happen.

“I can’t imagine the NHS has spent anything like that on protecting sensitive data.”

A spokeswoman for the Scottish government, said: “We are aware of low-level incidents, involving phishing emails and malware, which are dealt with at board level.

“However, since reporting began, there have been no cyber attack incidents reported by health boards which are deemed moderate, major or critical.”