London Hospitals Were Attacked By Russian Hackers

Uploaded on 2024-07-03 in TECHNOLOGY--Hackers, NEWS-Cybersecurity News, INTELLIGENCE-Hot Spots-Russia, FREE TO VIEW, BUSINESS-Services-Health & Welfare

A parliamentary committee issued a clear warning about the risk of a “catastrophic” ransomware attack months before Russian state -protected  hackers, known as Qilin, struck the National Health Service (NHS). 

Leading London hospitals -Guy's and St Thomas' and King's College - have both been affected by the attack on the pathology services provider Synnovis by the Russian cyber criminal group Qilin

Other London hospitals which have been severely impacted by the attack include the Royal Brompton, and Evelina Children’s Hospital. South London and Maudsley NHS Trust, which provides community and mental health services has also been heavily disrupted.

Qilin shared almost 400GB of private information on their darknet site, something they threatened to do in order to extort money from Synnovis. The result is that these hospitals are running at reduced capacity because of delays to processing vital blood, urine and tissue tests.

The NHS is “particularly vulnerable” and Britain is unprepared for the “high risk” of a major cyber hack,  the parliamentary Joint Committee on National Security Strategy (JCNSS) told the Government.

Russian Hacking Groups

While the syndicate od Russian state-protected hackers is though to comprise more than 100 individual groups, is not under the direct control of the Russian Government. However, its members enjoy safe haven in the country and are seen by Moscow as a useful tool of cyber warfare and global disruption.

According the JCNSS,  the NHS was operating with “crumbling IT services and a lack of investment”, including “IT systems that are out of support or have reached the end of their lifecycle”. This put it in a “particularly difficult position to protect itself from cyber-attacks”.

Home Office ministers and officials have prioritised policy over the threat of ransomware as a national security risk and the Home Office leads on the risks of cyber security but responsibility for this should be transferred to the Prime Minister's Cabinet Office. “There is a high risk that the Government will face a catastrophic ransomware attack at any moment, and that its planning will be found lacking. If the UK is to avoid being held hostage to fortune, it is vital that ransomware becomes a more pressing political priority, and that more resources are devoted to tackling this pernicious threat to the UK’s national security,” the report said. 

In response to the report, the Government said it was making tackling ransomware a priority in an effort to raise the cyber resilience of the UK, and its critical national infrastructure. It pledged further investment and to work with industry and international partners to pursue criminal groups who conduct attacks.

The British Government claims to have spent over £338m on increasing the resilience of NHS systems to protect it from hacks, and in 2023 launched the UK’s Cyber Strategy to set minimum standards of cyber security to help defend critical infrastructure. NHS England said it had set up a helpline to support people impacted by the attack and it will continue to share updates, but "investigations of this type are complex and take time".

The British National Crime Agency (NCA) which leads the UK’s response to cyber crime, was described as being “locked in an uphill struggle against the ransomware threat, with insufficient resources and capabilities to match the scale of this challenge”. The NCA is also reported to be considering the possibility of taking retaliatory action against Qilin.

DigitalHealth   |     The Record   |    Telegraph   |    inews   |    BBC   |    Guardian   |   Independent   | 

Image: Suraphat Nuea-on

You Might Also Read: 

Russia’s Nation-State Hackers: A Serious Threat To Global Security

If you like this website and use the comprehensive 7,000-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible

 

 

« RCE Vulnerability In OpenSSH Server
Treading A Safe Path - Navigating Hidden Ransomware Risks »

CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

SecDev

SecDev

SecDev is a consulting firm working at the intersection of geopolitical, digital, urban, energy and cyber risk.

Centre for International Governance Innovation (CIGI)

Centre for International Governance Innovation (CIGI)

CIGI research areas include Conflict Management & Security which encompass cyber security and cyber warfare.

Zscaler

Zscaler

Zscaler enables the world’s leading organizations to securely transform their networks and applications for a mobile and cloud first world.

PlaxidityX

PlaxidityX

PlaxidityX (formerly Argus Cyber Security) is a global leader in mobility cyber security, provides DevSecOps, vehicle protection and fleet protection technologies and services.

ProPay

ProPay

ProPay provides secure payment solutions for organizations ranging from small businesses to large enterprises requiring complex payment solutions.

Cyverse

Cyverse

Cyverse is a cyber-security firm which provides corporations with state-of-the-art cyber-security service-based and technological solutions made in Israel.

PreEmptive Solutions

PreEmptive Solutions

PreEmptive Protection hit the sweet spot between cost, convenience and functionality by helping you protect and secure your apps in a smarter way.

United Network Technologies

United Network Technologies

United Network Technologies is a leading Managed Services Provider, distributor and developer of specialised cyber security components and technologies.

Argentra

Argentra

Argentra is a specialist engineering company, we have years of experience developing custom security software and providing security risk consulting.

Knowledge Lens

Knowledge Lens

Knowledge Lens builds innovative solutions on niche technology areas such as Big Data Analytics, Data Science, Artificial Intelligence, Internet of Things, Augmented Reality, and Blockchain.

Fireblocks

Fireblocks

Fireblocks is a digital asset security platform that helps financial institutions protect digital assets from theft or hackers.

Althammer & Kill

Althammer & Kill

Althammer & Kill offers pragmatic solution concepts for data protection and digitization. We advise in the field of data protection, information security and compliance.

Saffron Networks

Saffron Networks

Saffron Networks is an ISO-certified company. We assure our clients of reliable solutions, specifically with the Security landscape and Enterprise Networking.

Thunder Shield Security

Thunder Shield Security

Thunder Shield is a professional cyber security service provider of penetration test, source code review and security assessment services.

Munio

Munio

Munio is a leading Fortified IT Support and Cyber Security companies in the south east of the UK.

CyberAntix

CyberAntix

CyberAntix offers Premium CyberSecurity for your business using an advanced Security Operations Centre technology and process platform reinforced by a steadfast and expert SOC team.