Healthcare increasingly targeted by cyber criminals

Article from Digital Care Hub, Published on June 21st 2024 by Iris Steen

6/21/20242 min read

The cyber-attack on pathology service Synnovis continues to have a devastating impact on London hospitals. It is a sober reminder that all health and care providers must be prepared to deal with cyber-attacks.

On Monday 3 June, Synnovis – a pathology partnership between Guy’s and St Thomas’ NHS Foundation Trust, King’s College Hospitals NHS Trust and SYNLAB – was the victim of a ransomware cyber attack, resulting in interruptions to many of their services.

The attack is considered to be one of the worst ever in the UK. The clinical impact of the attack has seen a significant reduction in the number of tests which can be processed and reported back to clinical teams.

This means so far 1,134 elective procedures and 2,194 outpatient appointments have been postponed at King’s College Hospital and Guy’s and St Thomas since 3 June.

Qilin – the criminal gang responsible for the attack believed to be based in Russia – has now published almost 400GB sensitive stolen data on the darknet site. The data appears to include patient names, dates of birth, NHS numbers and descriptions of blood tests.

There are also business account spreadsheets detailing financial arrangements between hospitals and GP services and Synnovis.

Qilin also claim that they carried out the attack as a ‘protest’ but declined to explain their political allegiance or location. The group says it chose to attack blood test firm Synnovis deliberately saying: “Our citizens are dying in unequal combat from a lack of medicines and donor blood.” Their claims of political allegiance have been met with cynicism.

The release of this data indicates that Synnovis has not paid any ransom.

NHS England, the National Cyber Security Centre, Synnovis and the hospital trusts are working to identify and resolve the issue.

Ransomware expert Brett Callow from Emsisoft told the BBC that healthcare organisations were increasingly being targeted as the hackers knew that they could cause a lot of harm and sometimes get a big pay day. He said:

“Cybercriminals go where the money is and, unfortunately, the money is in attacking the healthcare sector. And since United Health Group reportedly paid a $22m (£17.3m) ransom earlier this year, the sector is more squarely in the crosshairs than ever before.”

Michelle Corrigan, Programme Director of Better Security, Better Care, said:

“This devastating attack shows that cyber criminals are active, effective and indiscriminate. They do not care who suffers as a result of their actions. This crime has affected people’s immediate care and treatment, and by leaking information on the darkweb, it is also putting them at longer-term risk of identify fraud.

“But they are also putting the stability of the organisations involved at risk by sharing financial information.

“We know that these attacks will continue to happen. All health and social care providers – many of whom are linked to NHS data systems – must take steps to reduce the impact of these attacks. It is critical to have a clear digital business continuity statement, with clear and effective back-ups in place. Better Security, Better Care continues to offer support to care providers to review and improve their arrangements.”

Related links

NHS England update on Synnovis attack

Synnovis statement

BBC article

Better Security, Better Care – support for care providers

Photo by Ian Taylor on Unsplash