Scottish Government speeds up cyber action plan

Resilience board aims to produce document for ministers during June in response to widespread ransomware attack

The Scottish Government has said it is accelerating the development of an action plan for cyber security in the public sector, following last week’s ransomware attack that crippled systems in some NHS organisations.

The step follows an urgent meeting of the National Cyber Resilience Leaders' Board (NCLRB), chaired by Justice Secretary Michael Matheson (pictured).

Michael MathesonHe said the plan will involve a set of guidelines and standards to which all Scottish public sector bodies should comply by 2018, along with support for all of them to achieve accreditation to the Cyber Essentials standard – the UK Government backed scheme – as a minimum requirement.

There will also be a public awareness strategy for public sector organisations.

Hugh Aitken, chief executive of CBI Scotland and chair of the NCRLB, said it aims to have the proposals in front of ministers for their approval by June.

Matheson said: “What is evident from this week’s events is that this was a global attack on an unprecedented scale and, whilst we are now seeing systems returning to normal, we cannot be complacent.

“Today I chaired a meeting of the National Cyber Resilience Leaders’ Board which discussed what lessons we can learn from this incident and how we can take forward the publication of an action plan to ensure we are as prepared as possible for future incidents.

“We need to be clear that combatting threats of this nature isn’t something government can achieve alone. Cyber security is everyone’s business and we need to ensure that all organisations have appropriate safeguards in place.”

Hospital victims

Several hospitals in England, although not specifically targeted, were hit by the attack of the Wanna Decryptor virus last week. It encrypts files on the victim’s computer and is followed up by a ransom demand in exchange for granting the user access to the affected files.

Systems that still rely on the Windows XP operating system have been the most vulnerable.

NHS England has responded by working with the National Cyber Security Centre (NCSC) on cyber testing and providing bespoke advice and action points to its organisations, and offering relevant training to health and care staff.

It has also published guidance through its CareCERT bulletins and on its website

NHS Digital said it is also providing 24/7 support to in-house IT teams.

The NCSC said it is focused on two lines of defence. One is to limit the spread and impact of the attacks by encouraging organisations to follow its guidance on protection against ransomware.

The other has been to urge organisations to keep their security software patches up to date; use proper antivirus services; and back up the data that matters to them so it cannot be used to hold them to ransom.