IT upgrades 'seen as a cost', says ex-HSE tech head

IT upgrades 'seen as a cost', says ex-HSE tech head

Upgrades to public health IT systems are seen as a cost not a benefit, which leads to vulnerabilities, according to the HSE’s former chief information officer.

Mon, 17 May, 2021 - 18:01
Niamh Griffin

Upgrades to public health IT systems are seen as a cost not a benefit, which leads to vulnerabilities, according to the HSE’s former chief information officer.

Richard Corbridge oversaw a transformation in the HSE’s computer systems between 2014 and 2017. During that time he faced a ransomware attack called Wannacry, similar to that facing the HSE this week.

Now working in the UK, he said public health systems are frequently the target of these type of attacks 

“I do think public systems that are connected do tend to be a higher target as they are often under-invested in,” he said. 

And therefore patching and upgrades are seen as a cost rather than an investment and often are let run longer than they should.” 

When the immediate risk is over, he expects the systems will be upgraded to higher levels of security and patching.

But based on his experience, Mr Corbridge said installing effective updates is challenging across interconnected health IT systems.

And he said in some cases after the 2017 attack: “This was too expensive to do due to the nature of what IT does in healthcare.” 

He said in the NHS the average age of a PC is estimated at seven years old, and mobile phones at nine.

“If the system is an old version of Windows but is running a CT scanner, you can’t easily upgrade the PC without upgrading the scanner,“ Mr Corbridge said.

And adding to the challenges this week, this latest attack is much more widespread than what the HSE successfully dealt with in 2017.

“WannaCry was targeted at old Windows solutions at the periphery ends of the system. GP surgeries and so on were the targets rather than the large server side of the systems, “ Mr Corbridge said.

He praised the open approach taken by the HSE since Friday, with regular updates through the media and HSE social media platforms.

“I can only imagine how hard the team are working right now on this,” he said.

There is some amazing talent in the HSE’s office of chief information officer that are able to make quick, hard but important decisions and that is seen by the reaction they have made.” 

He said the past few days would have involved contacting all users and administrators and carrying out an audit of the level of patch and system configuration to find weak spots.

The teams, he expected would have been working to break “connectivity from the weak spots to stop the problems growing.”

Read More

HSE hack: What services are available in Munster this week?

CONNECT WITH US TODAY

Whatsapp logo

WHATSAPP

Newsletter logo

NEWSLETTERS

Notification logo

NOTIFICATIONS

Be the first to know the latest news and updates

More in this section

Project Vigilant initiative Man, 24, who died Coleraine crash named locally
Garda sign lamp Gardaí investigating after woman's body discovered in house in Spiddal
National Maternity Hospital costs approaching €150m before construction begins  National Maternity Hospital costs approaching €150m before construction begins 
cyber attackOrganisation: HSE
<p>The 30th anniversary of Jo Jo Dullard's disappearance is on Sunday. </p>

Missing Jo Jo Dullard's sister: 'For anyone with information, it must be a burden to be holding this'

READ NOW

Lunchtime News

Newsletter

Keep up with stories of the day with our lunchtime news wrap and important breaking news alerts.

Latest

Most Read

Cookie Policy Privacy Policy Brand Safety FAQ Help Contact Us Terms and Conditions

© Examiner Echo Group Limited