London Hospitals Cyber Attack
Russian hackers are behind the cyber attack on a number of major London hospitals, according to the former chief executive of the National Cyber Security Centre. Ciaran Martin told BBC Radio 4’s Today programme that the criminal group were “looking for money” by targeting the pathology services firm Synnovis.
Hospitals declared a critical incident on Tuesday after the ransomware attack, which affected blood transfusions and test results. It also led to operations being cancelled and emergency patients being diverted elsewhere.
King’s College Hospital, Guy’s and St Thomas’ – including the Royal Brompton and the Evelina London Children’s Hospital – and primary care services are among those affected.
Mr Martin told the programme: “We believe it is a Russian group of cyber criminals who call themselves Qilin.” He said the group, which operates on the dark web, operated “freely from within Russia”.
The cyber security expert explained that the group had previously attacked automotive companies, Australian courts and the Big Issue in the UK.
He said: “They’re simply looking for money,” but said the British government had a policy of not paying ransoms. He told the BBC that the criminal group were “unlikely” to have known they would cause healthcare disruption when they organised the attack.
He added: “There are two types of ransomware attack. One is when they steal a load of data and they try and extort you into paying so that isn’t released, but this case is different. It’s the more serious type of ransomware where the system just doesn’t work.”
Mr Martin said the attack was “one of the more serious that we’ve seen in this country”.
When asked about patient data, he said: “It’s not really a question of data in this one, it’s a question of the services. “The criminals are threatening to publish data, but they always do that. Here the priority is the restoration of services.”
One patient told BBC London that he was just moments from receiving a heart operation when the hospital cancelled the procedure due to the cyber attack.
Oliver Dowson said the surgeon explained “there was an issue with the blood bank”. He said: “When you’ve been sitting there since the crack of dawn in a smock waiting to have open heart surgery, however calm I tried to feel, you still get a bit nervous.” He said he was “upset and angry” with his procedure being rescheduled to next week.
The NHS apologised for the inconvenience caused to patients and said it was working with the National Cyber Security Centre to understand the impact.
Synnovis said it was unable to comment further on the attack.