‘Two-factor authentication may have stopped Synnovis cyber attack’
Beverley Bryant, a strategic advisor at NHS England, suggested that the recent cyber attack on pathology provider Synnovis could have been prevented with the implementation of two-factor authentication. Bryant emphasized the importance of this security measure during the HETT conference on 24 September 2024. She highlighted that two-factor authentication is crucial in enhancing cyber resilience and reducing the risk of attacks within healthcare trusts.
Reflecting on her experience during the disruption caused by the ransomware attack on Synnovis, Bryant emphasized the significance of preparing for potential cyber threats. She stressed the need for hospital boards to plan for extended downtime, ensuring continuity of essential services such as drug rounds and establishing legal mechanisms for third-party supplier disruptions.
Bryant’s insights were shared alongside other experts in the field, including Nasser Arif, Saira Ghafur, and Daniel O’Shaughnessy. O’Shaughnessy commended the NHS’ cyber approach, noting that even sophisticated threat actors often target the supply chain rather than direct hospital trusts.
With an updated cyber resilience framework in place for health and social care organizations, led by NHS England and the National Data Guardian, the transition to the National Cyber Security Centre’s cyber assessment framework aims to enhance data security standards and protect against future cyber threats.
