Some of London’s largest NHS hospitals have been hit by a cyberattack that has severely disrupted their operations, including blood tests and transfusions, The Guardian reports.
The ransomware cyberattack is having a “serious impact” on healthcare services at Guy’s and St. Thomas’ NHS trust, its chief executive said in an email.
The attack has affected other hospitals, including King’s College Hospital, and has left them unable to connect to the servers of the private firm that provides them with pathology services.
Synnovis, an outsourced provider of laboratory services to NHS trusts in south-east London, has been the target of a cyberattack believed to be a type of ransomware – software that locks down a computer system in order to extort payment to restore access.
A medical professional reported that the labs were still functioning, but communications were limited to paper only, causing a huge problem and forcing the cancellation or rescheduling of all but the most urgent blood tests. Direct connections to Synnovis servers were cut off to limit the risk of spreading infection.
Increasingly, ransomware attacks are accompanied by leaks of sensitive data with the threat to publish the hacked information unless payment is made.
Third attack on Synlab Group
This is the third attack in the past year on part of the Synlab Group, a German healthcare provider with subsidiaries across Europe. In June 2023, ransomware gang Clop hacked and stole data from the company’s French subsidiary just days after it hit the headlines by taking down the payroll provider for the likes of BA, Boots and the BBC. Clop published the stolen data in the summer of that year.
In April this year, Synlab’s Italian subsidiary was attacked by another group of ransomware developers called Black Basta. In that attack, the group stole 1.5 TB of data and republished it when the ransom was not paid.
Cyberattack targets
Healthcare providers are a popular target for ransomware gangs internationally. Underinvestment in IT can leave systems vulnerable to cyberattack, and the risk to patient health leads many providers to seek to restore operations as quickly as possible, regardless of the cost.
If data is stolen, it tends to be particularly sensitive, and many healthcare providers are explicitly or effectively backed by the government, giving them access to funds in emergencies.
However, in the UK, there is growing pressure from the security services to prevent ransom payments to public and private organisations. After the devastating hack in October 2023, the British Library reiterated that it “did not make any payments to the criminals responsible for the attack, nor did it have any relationship with them.” The library said in an incident report earlier this year:
Ransomware gangs contemplating future attacks such as this on publicly funded institutions should be aware that the UK’s national policy, articulated by NCSC [National Cyber Security Centre], is unambiguously clear that no such payments should be made.
