News Hub

Major London hospitals targeted by cyberattack

Written by Thu 6 Jun 2024

A serious cyberattack has led to several hospitals in London, including King’s College Hospital, Guy’s and St Thomas’, being forced to cancel operations. A range of primary care services, blood transfusions and test results have been disrupted after Synnovis, a provider of lab services, became the victim of a ransomware attack.

A spokesperson for NHS England London confirmed Synnovis had faced a cyberattack on 3 June.

“This is having a significant impact on the delivery of services at Guy’s and St Thomas’, King’s College Hospital NHS Foundation Trusts and primary care services in south east London and we apologise for the inconvenience this is causing to patients and their families,” said the statement.

A number of GP services in London boroughs were also impacted by the cyberattack, with many cancelling blood tests and other routine appointments. According to the former chief executive of the National Cyber Security Centre, Ciaran Martin, Russian cybercriminals are believed to be responsible for the attacks.

The group called Qilin, that previously hacked carmakers and the Big Issue, is said to be behind this hack and appears to be motived by ransom payment, as opposed to political goals.

With the NHS already dealing with immense pressures, this cyber incident added an even larger burden to hospitals that had to take on patients that were redirected due to the disruption. In response to the cyberattack, an IT Taskforce has been created by Synnovis to assess the full impact of the interruption and what actions can be taken to minimise the impact on patients.

“We take cybersecurity very seriously at Synnovis and have invested heavily in ensuring our IT arrangements are as safe as they possibly can be. This is a harsh reminder that this sort of attack can happen to anyone at any time and that, dispiritingly, the individuals behind it have no scruples about who their actions might affect,” said Mark Dollar, CEO at Synnovis.

Attack Reminder of Escalating Threat Landscape

Martin Greenfield, CEO of cybersecurity continuous controls monitoring firm, Quod Orbis, said the cyberattack stands as a ‘stark reminder of the escalating threat landscape’ especially in incidents where attack could directly impact people’s health.

Greenfield said the healthcare sector has long been a prime target for cybercriminals due to the wealth of valuable data they hold, including personal health information and financial data.

“This risk is especially pronounced in the NHS due to their reliance on single-use machines running outdated and unsupported software, along with the practice of multiple users logging onto each PC, making it incredibly difficult to secure and manage these systems effectively,” added Greenfield.

Al Lakhani, CEO of passwordless MFA company, IDEE, concurred with this statement, stating few breaches ‘will have as grave, emotional, and potentially fatal consequences’ as this one with ambulances diverted, operations cancelled, and blood transfusions on hold.

“This incident underlines how important it is that the entire supply chain is protected. No matter how secure one part of an organisation’s defence is, if there is a weakness somewhere else within the system, criminals will find it,” said Lakhani.

Dan Lattimer, Vice President at Active Directory security and recovery platform, Semperis, stressed there is no silver bullet that will solve the cybersecurity challenges facing hospitals. Lattimer added hospitals should identify the critical services that are ‘single points of failure’ for the business.

“Have a plan for ‘what to do if’ and keep in mind that in nearly 90% of ransomware attacks, the hackers will likely compromise the organisation’s identity system, which stores the crown jewels of the business,” said Lattimer.

How Should Businesses Adapt?

With the evolving technology landscape, many businesses have outsourced their IT service provision, including cybersecurity.

Sheila Pancholi, partner at audit, tax, and consulting adviser, RSM UK, said this shift in behavior does not go unnoticed by fraudsters, who can see third-parties as a weak link in the security chain, which many are successfully exploiting.

“While outsourcing can bring the key expertise and skills a business needs, strengthen operational resilience, and scale-up quickly, it can also increase the risk of data security issues and regulatory compliance breaches,” added Pancholi.

Another partner at RSM UK, Stuart Leach, added the increase in third party breached highlights the need for formal and extensive technology and cyber due to diligence when selecting a third-party supplier. This ensures the proper controls and cyber defences are in place to mitigate risk. These defences should be tested at least annually.

“Those who have contracted work out to third parties may be held liable for the consequences, and have their business interrupted for considerable time. The reputational damage and loss of trust from customers that a cyberattack can cause may take years to rebuild,” said Leach.

RSM UK advise businesses to Map its cyber footprint, understand its critical providers’ threat landscape and what the motivations of a cyber attacker might be, assess the potential impact to the business if a critical third-party provider is breached, and assess the company’s and its providers’ controls to manage cyber risk given their threat landscape.

The news has followed just two months after a successful ransomware attack against NHS Dumfries and Galloway where hacking group INC Ransom warned they will publish confidential patient data and staff data from NHS Scotland.

At the time, if the demands set by INC Ransom were not met, three terabytes of sensitive data could be released, with the group showing a ‘proof pack’ of private data as evidence.

Join Tech Show London

12-13 March 2025, ExCeL London

Be a part of the latest tech conversations and discover pioneering innovations.

You won’t want to miss one of the most exciting technology events of the year.

Written by Thu 6 Jun 2024

Send us a correction Send us a news tip