London Hospitals Ransomware Attack Wreaks Havoc

King’s College Hospital, Guy’s and St Thomas’s among London hospitals hit by ransomware cyberattack linked to Synnovi, a provider of pathology services

Three major London hospitals have been hit by a ransomware cyberattack that has wreaked havoc across clinical services.

The hack is said to have affected hospitals who are partnered with Synnovi, a provider of pathology services.

King’s College Hospital, Guy’s and St Thomas’s – including the Royal Brompton and the Evelina London Children’s Hospital – and primary care services are among those affected.

The incident has had a “major impact” on the delivery of services, especially blood transfusions and test results, the hospitals say.

Some procedures have been cancelled or have been redirected to other NHS providers as the hospitals try to establish what work can be carried out safely.

The National Health Service (NHS) said emergency care continued to be available.

A spokesperson from Synnovis said the company had sent in a “taskforce of IT experts” to “fully assess” the impact, the BBC reports.

The NHS apologised for the inconvenience and said it was working with the National Cyber Security Centre to understand the impact.

“When healthcare systems and data are unavailable, lives are potentially at risk. This makes the sector a tempting target for criminals," says Martin Lee, Cisco’s Technical Lead of Security Research, and EMEA Lead for Cisco Talos. “We frequently observe that healthcare is among the most commonly targeted industrial sectors for cyber attacks. Protecting against attacks requires developing a strategy of  resilience.”

A spokesperson for NHS England London region confirmed Synnovis was the victim of a ransomware cyber attack.

“Emergency care continues to be available, so patients should access services in the normal way, and patients should continue to attend appointments unless they are told otherwise," they said.

"We will continue to provide updates about the impact on services and how patients can continue to get the care they need."

A spokesperson for Synnovis said: "We are incredibly sorry for the inconvenience and upset this is causing to patients, service users and anyone else affected.

Containing the cyberattack impact' 

"We are doing our best to minimise the impact and will stay in touch with local NHS services to keep people up to date with developments."

The spokesperson added it had "invested heavily" in "ensuring our IT arrangements are as safe as they possibly can be".

Global CISO at Check Point Software, Deryck Mitchelson emphasised the position the NHS is in in having to balance its IT efforts amid rising cyber attacks: “The NHS is in a difficult situation in the face of prolific threats, exacerbated by recent IT budget cuts, and it is now at its most vulnerable to cyberattack. Defending such an institution is not an easy job but everyone in the chain of command, including the vast network of third-party suppliers, absolutely needs to be on high alert right now."

Right now, the priority should be on making sure patients receive the treatment they need, and any further disruptions are mitigated," Mitchelson concluded.

The incident is being reported to law enforcement and the Information Commissioner, and the effected organisations are working with the National Cyber Security Centre and the Cyber Operations Team.

Synnovis services

Synnovis is a UK provider of pathology services, offering a range of diagnostic testing and analysis to support healthcare professionals in making accurate and timely diagnoses. 

Its team of pathologists, scientists and technicians cater to multiple specialties, including histopathology (diagnosis and study of diseases of the tissues), cytology (single cells), molecular pathology, and haematology (blood and blood disorders). It is a partner for hospitals, clinics, and research institutions throughout the UK.

“There is a large importance for robust cybersecurity measures, especially in the healthcare sector," said Oseloka Obiora, CTO at RiverSafe. "To enhance readiness, it is essential that security teams adopt robust network visibility to promptly identify and resolve vulnerabilities across systems, minimising the impact of cyber threats to vital infrastructure"

A cyber breach in the UK in May 2017 impacted a third of England's 236 NHS trusts, and led to the cancellation of an estimated 19,000 appointments in the space of a week.

******

Make sure you check out the latest edition of Cyber Magazine and also sign up to our global conference series - Tech & AI LIVE 2024

******

Cyber Magazine is a BizClik brand

Share

Featured Articles

SolarWinds: IT Staff Dubious on Organisation's AI Readiness

A recent trends report by SolarWinds reveals that very few IT professionals are confident in their organisation's readiness to integrate AI

Is Stress a Driving Force Behind the Cyber Skills Shortage?

A SenseOn study has showed 95% of IT leaders in the UK and Ireland say stress impacts their ability to retain staff

Rapid7 AI Engine Update Sees Gen AI Supporting SOC With MDR

Rapid7's enhanced AI Engine will now use machine learning models and new Gen AI models to separate real attacks from false alarms

Google Securing WFH with Zscaler and Netskope Partnership

Network Security

Why Have Cybersecurity Budgets Soared for TMT Companies?

Operational Security

Mandiant's Analysis Unveils Cause of Snowflake Data Theft

Operational Security