Hacking that has crippled London’s hospitals is the latest attack to hit UK

A Russian cybercrime group called BlackCat, which is a part the UK’s National Health Service, operates several hospitals in London. They hacked Barts Health NHS Trust in June last year and posted some of their data online as an extortion effort.

INC Ransom published three terabytes of data last month. The hacking of NHS Dumfries and Galloway was the result of a hack on the NHS board that oversees a region in Scotland.

Hackers launched a ransomware assault on Monday against a partner of the NHS. The company, Synnovis, helps to manage blood transfusions and laboratory services for hospitals under the Guy’s and St Thomas’ NHS Foundation Trust and King’s College Hospital NHS Foundation Trust. The ransomware attack crippled the services of those hospitals.

These incidents highlight the many cybersecurity challenges that the NHS faces. The NHS provides care to the UK’s 68,000,000 residents via a network of 229. Trusts located across the country. The NHS is the keeper and a vast network consisting of computer systems and providers.

The health service employs 1.7 million people, which is larger than almost all other employers in the world, except for the US and Chinese militaries and McDonald’s Corp.

The NHS is a target for cybercriminals who are motivated by money and want to disrupt or damage their IT systems, in order to extort huge ransoms.

The health service has been a victim of hacking attacks in the past, but it was also one of the biggest victims of the WannaCry ransomware attack of 2017. This early strain of malware spread across the globe, disrupting services and forcing the temporary closure of emergency rooms at a third NHS trusts.

According to Cisco Systems Inc.’s Talos threat-intelligence division, ransomware gangs targeted health care providers the most out of all industries last year. Cisco blamed the targeting on health-care organizations having “underfunded cybersecurity budgets and a low tolerance for downtime”.

Cybercriminals from across the Atlantic have repeatedly infiltrated the health care sector. They’ve targeted everything from large hospital systems to America’s biggest health insurance company. The FBI received more ransomware reports in the health care and public sector last year than any other industry that the US government has designated as critical infrastructure.

When health-care data and systems are not available, lives can be at risk. Martin Lee, Cisco’s UK-based technical leader of security research wrote in an e-mail that this makes the sector a target for criminals. Outages put pressure on management to pay the attackers in order to restore availability as quickly as possible. Paying the ransom ensures that these attacks are profitable, and encourages further attacks.

Cybersecurity experts claim that the increasing number of attacks on health-care providers, including the NHS, also highlights their difficulty in policing both their own security and that of key suppliers.

The ransomware attack this week on Synnovis is the third to have hit Munich-based Synlab AG in the past 12 months. Synlab AG runs Synnovis along with two NHS hospital trusts based in London. Synlab, one of Europe’s largest providers of medical testing and diagnostic services, announced that its French branch had been attacked by the attacker group Cl0p in June 2023. A cyberattack on the group’s Italian operations paralyzed it in April of this year.

The company said that the attack was “an isolated incident” and had no relation to the incident in Italy from April. It refused to answer other questions, saying it was still assessing the impact of this breach.

Brad Freeman is the co-founder of the cybersecurity firm SenseOn in London. He’s also the director of technology. He said that if an attacker exploits the flaw of a website, and it is then fixed, they will likely find similar ways to get in. This could be because the flaw was a sign that software development practices were poor.

In an email, he said that suppliers like Synnovis were vital to the NHS supply chain. He said that the data breach shows how difficult it is to secure systems with multiple independent suppliers, and what impact this could have on operations.

Experts say that American healthcare providers are attractive targets for cybercrime, just like their counterparts in Britain, because they have limited budgets, vulnerable and complex computer systems, as well as troves and troves sensitive data that is used to make critical decisions.

Mark Montgomery, senior fellow for Foundation for Defense of Democracies and former head of a US government study on cybersecurity, says that attacking hospitals gives attackers an advantage because doctors must quickly resolve any disruptions.

Montgomery stated that “they immediately give potentially life-threatening situations – such as if your MRI does not work, you cannot get data into the operating room or you are unable to get information about blood type.”

A ransomware attack in 2021 on Scripps Health San Diego’s hospital network forced staff to cancel emergency procedures and redirect patients to other hospitals. The hackers knocked down patient records, scheduling, and other vital systems, according to the San Diego Union Tribune, forcing medical staff to resort to paper and pen.

Ardent Health Services operates 30 hospitals across six states. Last year’s ransomware attack forced them to delay certain elective surgeries and divert some patients away from their emergency rooms. Ascension is one of the largest nonprofit health systems in the United States. This year another major ransomware attack hit Ascension. As it tried to restore its systems, the Catholic-affiliated network of hospitals had to divert ambulances and suspend elective surgery. It also had to reschedule some appointments.

Joshua Corman is the leader of strategy for Covid-19, a task force within the US Cybersecurity and Infrastructure Security Agency.

Recently, the Biden administration announced its intention to require that hospitals meet minimum cybersecurity standards.

Other parts of the healthcare industry have also suffered.

Hackers broke into UnitedHealth Group Inc. in February. They stole data from up to one third of Americans and delayed payments worth billions of dollars. Insurance giant says it paid hackers a ransom amounting to more than US$20mil. (RM93.92mil.) in order to prevent the release of patient information.

Adam Marre is the chief information security officer of the cybersecurity firm Arctic Wolf. He said that attackers who target life-saving infrastructure such as hospitals and care centres know they will have the upperhand in any ransom negotiations. Bloomberg

Related Articles