Nigel Thomas, national specification and projects sales manager at ABB Electrification, asks if cybersecurity is the neglected frontline worker of UK healthcare.
In June 2024, a ransomware attack on Synnovis – an agency that manages blood testing laboratories for several major NHS trusts – disrupted more than 10,000 appointments across London hospitals. Tests were delayed, procedures were cancelled, and clinicians were forced to make impossible decisions when it came to patient priority. Later down the line, the attack was linked to the death of a patient at King’s College Hospital. It’s just one of a series of cyberattacks on critical infrastructure that have shaken the world in the past decade.
On the frontline, cyberattacks have never been a distant IT problem for healthcare but an issue that plays out in real time, increasing pressure on staff that are already stretched. And as hospitals, walk-in centres, and GP practices become more digitally interconnected, the attack surface is only increasing. The risk is growing in ways the sector is only beginning to reckon with – as is awareness that poor cybersecurity is a direct threat to human life.
The downsides of digitalisation
Hospitals are no longer just clinical environments but complex, technology-driven buildings where smart systems control everything from energy efficiency in heating, ventilation and air conditioning (HVAC), to security management and power distribution. Building Management Systems (BMS) now aggregate data from hundreds of sensors across an entire building, issuing commands to heating, cooling, and electrical infrastructure in real time. This connectivity delivers real benefits. It drives energy efficiency and supports the NHS’s Net Zero ambitions, and enables predictive maintenance that reduces costly downtime. But the same digital connectivity that makes the delivery of healthcare smarter and more efficient quietly increases the vulnerability of its patients.
Older hospital infrastructure contained largely isolated systems. A boiler controller in the basement had no connection to clinical tech – a separation that, though not intentional, provided inherent protection. But today, energy management platforms connect to the broader network, communicate via cloud-based analytics tools, and interface with third-party IoT sensors, each with varied security standards.
The awareness is there, but the confidence is not. While 94% of NHS staff understand their cyber responsibilities, only 36% feel that systems are adequately prepared – and that gap exists against a backdrop of rising phishing attempts and increasingly sophisticated supply chain attacks. Staff can know exactly what a threat looks like and still be powerless to stop it if the underlying infrastructure is not sufficiently protected. That disconnect is precisely what attackers rely on.
The risk is real
It is tempting to think of a compromised BMS as a facilities management problem rather than a ‘patient safety’ one. That assumption is dangerous. Consider what an attacker could do with control of a hospital’s environmental systems. During a summer heatwave, simply manipulating HVAC controls in elderly care wards could put the most vulnerable patients at serious risk within hours.
The power infrastructure risk is equally serious. If ransomware spreads from an energy management platform into wider hospital systems, the consequences extend far beyond locked patient records. Control systems for backup generators can be compromised. The ability to monitor and manage critical electrical infrastructure can be lost entirely. Recent research from ABB shows that every minute of hospital power outage can cost upwards of £6,000 – but the human cost of cancelled surgeries and emergency diversions is unmeasurable.
These are logical extensions of attacks that have already happened, carried out by organised criminal groups who understand exactly how much pressure healthcare organisations are under, and how likely they are to pay, as they have in the past, to restore services quickly.
A frontline priority
The answer is not to slow the pace of digital transformation in healthcare but to match it with the right level of security. Smart infrastructure is essential to meet the demands of an ageing population and achieve the NHS’s sustainability commitments, so cybersecurity should be treated as a foundational requirement of that transformation, not a response post-attack.
Networks must be made secure, and energy management data streams must be isolated from clinical systems using properly configured firewalls and Virtual Local Area Networks (VLANs). Without the correct security measures in place, a compromised BMS could provide a pathway into patient records. Modern secure communication standards, such as KNX Data Secure, use encryption and multi-factor authentication to protect data moving between sensors, controllers, and management platforms.
Hardware must also be certified before deployment. Intelligent circuit breakers now offer digital capabilities for remote management and predictive maintenance, but their security credentials must be verified, meeting rigorous standards across network protocols, access controls, and vulnerability management. It is critical that the full scope of a hospital’s digital infrastructure is properly protected.
The Synnovis cyberattack should serve as a reminder of how important cybersecurity is. The threat is no longer confined to breached databases but now lives in the smart systems that heat wards, power critical life support, and keep the lights on. With that in mind, robust cybersecurity acts as a frontline worker. It must be treated as one.
The technologies needed to protect healthcare facilities are already out there. The mindset just needs to shift: from an IT add-on, to a core component of patient care.



