The cyberattacks on NHS Dumfries and Galloway and London Hospitals are the latest breaches to highlight how very exposed the UK healthcare system is to cyber threats. With attackers claiming to have stolen three terabytes of data, this incident highlights the acute vulnerability of the NHS.
Ransomware and data theft pose the most persistent and significant threats. The NHS’s exposure to such risks highlights the need for a significant update to its cybersecurity approach, moving from one that focuses solely on attack prevention to comprehensive breach containment. Despite UK authorities laying out strategies to bolster cyber resilience across health and social care systems, it’s clear more needs to be done to strengthen the NHS’s defences against cyber threats.
Navigating cybersecurity challenges in NHS organisations
The critical nature of healthcare operations and the wealth of sensitive patient data make the healthcare sector a lucrative target for cybercriminals. Ransomware attacks, especially extortion-only attacks, are becoming a preferred method for criminals when it comes to healthcare. Threat groups aim both to steal sensitive data for resale and blackmail, and to cripple healthcare services to demand hefty ransoms.
In the case of NHS Scotland, we know they will follow the UK’s firm stance against complying with ransom demands. So, the real danger lies in the potential compromise of patient confidentiality and the risk to operational up-time and patient care.
With client safety on the line, Trusts like NHS Dumfries and Galloway must explore new ways to protect their infrastructure and data. This has become more challenging as healthcare organisations embrace digitalisation. Traditional security measures can be too rigid and slow compared to the dynamic nature of cloud-led environments used by NHS organisations.
Cloud migration: unveiling new security vulnerabilities
The cloud is one of the greatest points of vulnerability in the NHS. As healthcare organisations rapidly transition to cloud-based systems and digital records, patient care has significantly benefited from the increased agility these technologies provide. However, this shift has simultaneously expanded the cyberattack surface.
Illumio’s Cloud Security Index research reveals that 39 percent of healthcare institutes globally faced annual losses exceeding $1.1m due to cloud breaches. The healthcare sector faced a total loss of over $2.5 million due to cloud breaches suffered either directly or indirectly.
Additionally, the constant need for uptime in healthcare means that these facilities seldom have the luxury to pause for maintenance or updates, and economic pressures and budgetary constraints further tighten the operational leash. Given the myriad of attack vectors and constrained resources, healthcare providers cannot possibly tackle every single threat.
Consequently, adopting an “assume attack” strategy becomes imperative.
Operating under the assumption that attacks are inevitable is crucial for advancing towards a mature security strategy, such as Zero Trust. Far from conceding defeat, this approach equips providers to strategically manage and mitigate threats. It shifts the focus from merely trying to prevent unauthorised access to ensuring that, once attackers are inside, their movements are severely restricted and their impact minimised.
This strategic shift involves understanding the attacker’s perspective to identify and protect critical assets effectively.
Advocating for Zero Trust in healthcare
Zero Trust is grounded in the “never trust, always verify” principle, and is critical if healthcare organisations are to strengthen cyber defences and operational resilience. It requires stringent authentication for every network access, challenging the outdated assumption that credentials alone ensure security.
A key component of a Zero Trust strategy is Zero Trust Segmentation (ZTS), which applies the “never trust” principle to microsegmentation. With this technology, NHS staff can access systems seamlessly, maintaining productivity without compromising security. The identity-based approach of ZTS fits easily into the NHS guidelines for segmentation, based on the five diagnostic pillars.
ZTS enforces strict identity checks for every network movement, effectively blocking unauthorised access. Just as a hospital won’t allow unauthorised personnel in operating theatres, ZTS fortifies critical network segments against unauthorised entry, thus protecting the NHS’s critical assets and patient data against cyber threats.
Empowering NHS institutions with Zero Trust Segmentation
Having the ability to effectively isolate and counteract threats is critical in preserving system integrity and patient data privacy. Adopting proactive breach containment approaches, such as ZTS, boosts cyber resilience whilst also ensuring compliance with legal and regulatory standards. This ultimately helps a healthcare institution to maintain its credibility and reputation, and keep its critical services operational.
ZTS begins with comprehensive network mapping to pinpoint potential vulnerabilities and key assets. Armed with this insight, organisations can implement stringent access controls governed by the least privilege principle, which restricts user and device access to only what is essential for their function.
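The map-then-restrict sequence described above, sketched as an added example (not from the article and not any vendor's product): constructed flow records are collapsed into role-level edges, intersected with a reviewed list, and enforced default-deny. All IP addresses, role labels and function names are assumptions made for illustration.

```python
from collections import defaultdict

# Constructed flow records from a mapping phase: (src_ip, dst_ip, dst_port).
OBSERVED_FLOWS = [
    ("10.0.1.10", "10.0.2.20", 443),   # clinician workstation -> EHR app
    ("10.0.1.11", "10.0.2.20", 443),
    ("10.0.2.20", "10.0.3.30", 5432),  # EHR app -> patient database
    ("10.0.1.10", "10.0.3.30", 5432),  # workstation straight to the database
]

# Constructed identity labels: policy is written against roles, not addresses.
LABELS = {
    "10.0.1.10": "clinician-ws", "10.0.1.11": "clinician-ws",
    "10.0.1.12": "clinician-ws",
    "10.0.2.20": "ehr-app", "10.0.3.30": "patient-db",
}

# Edges a reviewer judged essential to each role's function (assumed input).
APPROVED = {("clinician-ws", "ehr-app", 443), ("ehr-app", "patient-db", 5432)}


def map_flows(flows, labels):
    """Collapse IP-level flows into role-level edges with hit counts."""
    edges = defaultdict(int)
    for src, dst, port in flows:
        key = (labels.get(src, "unknown"), labels.get(dst, "unknown"), port)
        edges[key] += 1
    return dict(edges)


def build_policy(edges, approved):
    """Least privilege: allow only observed edges that were also approved."""
    allow = {e for e in edges if e in approved}
    review = sorted(e for e in edges if e not in approved)
    return allow, review


def is_allowed(policy, labels, src, dst, port):
    """Default deny: unlabelled workloads and unlisted edges are blocked."""
    s, d = labels.get(src), labels.get(dst)
    return s is not None and d is not None and (s, d, port) in policy


POLICY, NEEDS_REVIEW = build_policy(map_flows(OBSERVED_FLOWS, LABELS), APPROVED)
```

Because the rules are keyed on role labels, a workstation that joins later with the `clinician-ws` label inherits the same narrow access, while the observed workstation-to-database flow lands in `NEEDS_REVIEW` instead of being allowed just because it was seen during mapping.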
Moreover, consistent monitoring and updating of cybersecurity protocols are imperative, especially in the context of the supply chain, which can be a significant vulnerability. The cyber incident involving Romanian hospitals earlier this year starkly reminds us that attackers exploit supply chain weaknesses to bypass robust security measures.
It is essential to verify that suppliers implement robust controls, including Zero Trust principles, to protect against vulnerabilities effectively.
Overall, the healthcare sector must pivot to a defensive stance, anticipating breaches and adopting proactive risk-based security measures such as ZTS. This proactive approach can help institutes like NHS Scotland to embody the “never trust, always verify” mantra. This stance is crucial for protecting patient information and ensuring continuous care against the backdrop of escalating cyber threats.