Ransomware attacks on London hospitals are believed to have been carried out by a Russian cyber-gang

LONDON The former British head of cybersecurity believes that a Russian cyber gang was behind the ransomware attack which disrupted London’s hospitals, causing cancellations of operations and appointments.

Ciaran Martin said that a group called Qilin was most likely responsible for the attack against Synnovis. Synnovis provides pathology services to several hospitals managed by the National Health Service.

Martin said that it was one the most serious ransomware attack in the UK, because it crippled operations.

Martin said on BBC Radio 4: “It is the more serious ransomware, where the system simply doesn’t function.” If you work in healthcare at this trust, it is a serious disruption.

According to the NHS, the incident on June 3, affected King’s College, Guy’s and St Thomas’ Hospital Trusts which operate several hospitals in south London, as well clinics and doctor’s practices throughout a large part of the city.

In a memo sent to the staff, it was called a “critical event” and that it had “major impacts” on services. This included blood transfusions. The procedures and operations were canceled or redirected.

The police were notified of the incident.

Mark Dollar, the chief executive of Synnovis, said on Tuesday that they are still trying to figure out what happened. The company made no comment on Wednesday.

Criminals use malware to paralyze computer systems, and then demand money in order to unlock them. Ransomware, the most expensive and disruptive cybercrime type, affects local governments, courts, schools, hospitals, and businesses. Most gangs are located in former Soviet countries and outside the reach of Western Justice.

The state-funded British health system has suffered attacks before. In 2017, a ransomware infection froze the computers in hospitals throughout the country. This led to wards being closed, emergency rooms being shut down, and treatment coming to a standstill.

Qilin (also known as Agenda) advertises in dark web cybercrime forum and leases malware for affiliates to use to conduct attacks, according to Louise Ferrett, of Searchlight Cyber. The group lists more than 100 victims. – AP

Related Articles