Russian cybercriminals have been identified as the culprits behind a significant cyber attack on multiple major London hospitals.

Ciaran Martin, the former chief executive of the National Cyber Security Centre, shared this information during an interview on BBC Radio 4’s Today programme.

According to Martin, the hackers targeted Synnovis, a firm providing pathology services, in an attempt to extort money.

The ransomware attack, which occurred on Tuesday, caused hospitals to declare a critical incident due to its impact on blood transfusions, test results, and the necessity to cancel surgeries and reroute emergency patients.

‘Serious Type of Ransomware’

The hospitals affected by this attack include King’s College Hospital, Guy’s and St Thomas’ – incorporating the Royal Brompton and the Evelina London Children’s Hospital – along with several primary care services.

Martin identified the cybercriminal group as Qilin, a gang that operates from within Russia and conducts its activities on the dark web. Martin emphasized the severity of this incident, noting that it involved a particularly damaging type of ransomware that disables systems instead of merely stealing data.

The British government maintains a strict policy against paying ransoms, despite the group’s intentions to extort funds. While the hackers aimed for financial gain, it is believed they did not anticipate the extensive disruption to healthcare services that ensued.

Disruption Continues

By Wednesday evening, the NHS reported that the repercussions of the cyber attack were still being felt at Guy’s and St Thomas’ NHS Foundation Trust, King’s College Hospital NHS Foundation Trust, and various primary care providers in south-east London.

An NHS London spokesperson reassured the public that all urgent and emergency services remain operational, and most outpatient services are continuing as usual.

However, some operations and procedures that rely heavily on pathology services have been postponed, and blood tests are now being prioritized for the most urgent cases.

This reprioritization has led to the cancellation of some routine phlebotomy appointments. NHS London expressed sincere apologies to the affected patients and advised the public to continue accessing services in the usual manner – dialing 999 in emergencies and using NHS 111 for other concerns.

Patients should attend their appointments unless specifically informed otherwise. The NHS has launched a “cyber incident response team,” with staff working tirelessly around the clock to mitigate the ongoing disruption and restore normal operations as swiftly as possible.

The attack has highlighted the vulnerability of critical healthcare infrastructure to cyber threats and underscored the importance of robust cybersecurity measures.

This incident serves as a stark reminder of the potentially devastating consequences of ransomware attacks, particularly when they target essential public services.

The efforts to resolve the disruptions caused by this cyber attack are ongoing, with the primary focus being the restoration of services and minimizing the impact on patients and healthcare providers.

The NHS and its partners are committed to ensuring that normal service delivery resumes quickly while safeguarding against future attacks.

One patient shared with BBC London that his heart operation was abruptly canceled due to the cyber attack just moments before it was scheduled to begin. Oliver Dowson recounted that his surgeon informed him of an issue with the blood bank.

Dowson explained, “After sitting there since the early hours in a hospital gown, waiting for open-heart surgery, it’s hard not to feel nervous, no matter how calm you try to stay.” He expressed his frustration and anger over the rescheduling of his procedure to the following week.

Synnovis, the company responsible for providing pathology services to the NHS, recently opened new laboratories in Southwark in April.

The firm currently processes around 100,000 blood tests daily, serving approximately two million patients. Synnovis has stated that it is unable to comment further on the cyber attack at this time.

By admin

Leave a Reply

Your email address will not be published. Required fields are marked *