London Hospitals Were Attacked By Russian Hackers

A parliamentary committee issued a clear warning about the risk of a “catastrophic” ransomware attack months before Russian state -protected  hackers, known as Qilin, struck the National Health Service (NHS). 

Leading London hospitals -Guy's and St Thomas' and King's College - have both been affected by the attack on the pathology services provider Synnovis by the Russian cyber criminal group Qilin

Other London hospitals which have been severely impacted by the attack include the Royal Brompton, and Evelina Children’s Hospital. South London and Maudsley NHS Trust, which provides community and mental health services has also been heavily disrupted.

Qilin shared almost 400GB of private information on their darknet site, something they threatened to do in order to extort money from Synnovis. The result is that these hospitals are running at reduced capacity because of delays to processing vital blood, urine and tissue tests.

The NHS is “particularly vulnerable” and Britain is unprepared for the “high risk” of a major cyber hack,  the parliamentary Joint Committee on National Security Strategy (JCNSS) told the Government.

Russian Hacking Groups

While the syndicate od Russian state-protected hackers is though to comprise more than 100 individual groups, is not under the direct control of the Russian Government. However, its members enjoy safe haven in the country and are seen by Moscow as a useful tool of cyber warfare and global disruption.

According the JCNSS,  the NHS was operating with “crumbling IT services and a lack of investment”, including “IT systems that are out of support or have reached the end of their lifecycle”. This put it in a “particularly difficult position to protect itself from cyber-attacks”.

Home Office ministers and officials have prioritised policy over the threat of ransomware as a national security risk and the Home Office leads on the risks of cyber security but responsibility for this should be transferred to the Prime Minister's Cabinet Office. “There is a high risk that the Government will face a catastrophic ransomware attack at any moment, and that its planning will be found lacking. If the UK is to avoid being held hostage to fortune, it is vital that ransomware becomes a more pressing political priority, and that more resources are devoted to tackling this pernicious threat to the UK’s national security,” the report said. 

In response to the report, the Government said it was making tackling ransomware a priority in an effort to raise the cyber resilience of the UK, and its critical national infrastructure. It pledged further investment and to work with industry and international partners to pursue criminal groups who conduct attacks.

The British Government claims to have spent over £338m on increasing the resilience of NHS systems to protect it from hacks, and in 2023 launched the UK’s Cyber Strategy to set minimum standards of cyber security to help defend critical infrastructure. NHS England said it had set up a helpline to support people impacted by the attack and it will continue to share updates, but "investigations of this type are complex and take time".

The British National Crime Agency (NCA) which leads the UK’s response to cyber crime, was described as being “locked in an uphill struggle against the ransomware threat, with insufficient resources and capabilities to match the scale of this challenge”. The NCA is also reported to be considering the possibility of taking retaliatory action against Qilin.

DigitalHealth   |     The Record   |    Telegraph   |    inews   |    BBC   |    Guardian   |   Independent   | 

Image: Suraphat Nuea-on

You Might Also Read: 

Russia’s Nation-State Hackers: A Serious Threat To Global Security


If you like this website and use the comprehensive 7,000-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible


 

 

« RCE Vulnerability In OpenSSH Server
Treading A Safe Path - Navigating Hidden Ransomware Risks »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

IT Security Guru

IT Security Guru

IT Security Gurus publish daily breaking news. interviews with the key thinkers in IT security, videos and the top 10 stories as picked by our Editor.

CrowdStrike

CrowdStrike

CrowdStrike is a global provider of security technology and services focused on identifying advanced threats and targeted attacks.

Cyber Security Centre - University of Hertfordshire

Cyber Security Centre - University of Hertfordshire

The Cyber Security Centre provides training, teaching and research in the fast paced topics of cyber security and digital forensics.

UK Cyber Security Forum

UK Cyber Security Forum

UK Cyber Security Forum is a community interest group for cyber security companies in the UK.

Certego

Certego

Certego is a company of the VEM Sistemi Group specialised in providing managed computer security services and to combat Cyber Crime.

CommuniTake

CommuniTake

CommuniTake builds security, enablement, and management solutions to provide people and organizations with better, and more secure mobile device use.

Open Information Security Foundation (OISF)

Open Information Security Foundation (OISF)

OISF is a non-profit organization led by world-class security experts, programmers, and others dedicated to open source security technologies.

KeepSolid

KeepSolid

KeepSolid is a Virtual Private Network services provider offering secure encrypted access to the internet.

RATEL (SRB-CERT)

RATEL (SRB-CERT)

RATEL has been appointed as the National Center for the Prevention of Security Risks in ICT systems of the Republic of Serbia (SRB-CERT).

Quantifind

Quantifind

Quantifind enables financial crimes/fraud analysts and investigators to make better decisions, faster, with intelligent automation.

Forever Group

Forever Group

Forever Group is a Managed Services Provider specialising in Telecommunications, IT Support, and Cyber Security.

TXOne Networks

TXOne Networks

TXOne Networks offer cybersecurity solutions to protect your industrial control systems to ensure their reliability and safety from cyberattacks.

Blattner Technologies

Blattner Technologies

Blattner Technologies mission is to be the leading provider of predictive transformation services and tools in the Data Analytics, Artificial Intelligence and Machine Learning industry.

Oz Forensics

Oz Forensics

Oz Forensics is a global leader in preventing biometric and deepfake fraud. It is a developer of facial Liveness detection for Antifraud Biometric Software with high expertise in the Fintech market.

LOCH Technologies

LOCH Technologies

LOCH Wireless Machine Vision platform delivers next generation cybersecurity, performance monitoring, and cost management for all 5G and for broad-spectrum IoT, IoMT and OT wireless environments.

Xantaro

Xantaro

Xantaro specializes in technologies, software and services for Carriers, ISPs, Hosting and Cloud Providers as well as for Operators of Data Centres and Campus Networks.