London (Parliament News) – A Russian cybercriminal group caused a ransomware attack, halting operations in major London NHS hospitals, leading to a significant capacity reduction, affecting tests, surgeries, and blood transfusions.
A group of Russian cybercriminals is behind the ransomware seizure that ceased operations and tests in major London NHS hospitals, the ex-chief executive of the National Cyber Security Centre has stated.Â
What Impact Did the Cyber Attack Have on NHS Hospitals?
Ciaran Martin expressed that the attack on pathology services firm Synnovis had resulted in a “severe reduction in capacity” and was a “very, very serious happening”. Hospitals declared a crucial incident after the attack and have withdrawn operations and tests and been unable to carry out blood transfusions. Memos to NHS staff at King’s College Hospital, Guy’s and St Thomas’ (including the Royal Brompton and the Evelina London Children’s Hospital) and primary care services in the capital stated there had been a “major IT incident”.
Who Is Behind the London NHS Ransomware Attack?
Martin stated: “Yes. We believe it is a Russian group of cyber offenders who call themselves Qilin. These criminal batches– there are quite a few of them – operate freely from within Russia, they give themselves high-profile names, they’ve got websites on the so-called dark web, and this particular party has about a two-year history of attacking various organisations across the world.
“They’ve done automotive businesses, they’ve attacked the Big Issue here in the UK, they’ve struck Australian courts. They’re simply looking for money.” He stated it was unlikely the Russian hackers would have known they would cause such severe primary healthcare trouble when they set out to do the attack.
He added: “There are two kinds of ransomware attacks. One is when they rob a load of data and they try and extort you into spending so that isn’t released, but this case is distinguishable. It’s the more serious type of ransomware where the system just doesn’t work.
“So, if you’re operating in healthcare in this trust, you’re just not bringing those results so it’s actually seriously disruptive.” He expressed the government had a policy of not paying but the firm would be free to pay the ransom if it chose to. “The criminals are threatening to publish data, but they always do that. Here, the priority is the restoration of services.”
What Is the Response to the NHS Cyber Incident?
The National Cyber Security Centre is examining the impact of the cyber-attack along with NHS officials. Synnovis expressed the incident had been reported to the police and the information commissioner. The health secretary, Victoria Atkins, noted: “Throughout yesterday I had meetings with NHS England and the National Cyber Security Centre to oversee the response to the cyber-attack on pathology services in south-east London.
“My absolute emphasis is patient safety and the safe resumption of services in the coming days.” The Synnovis chief executive, Mark Dollar, stated a task force of IT experts from Synnovis and the NHS was operating to fully assess the impact and what action was required.