Russian Hackers Suspected in Major Ransomware Attack on London Hospitals

Why Trust Techopedia
Key Takeaways

  • Russian hackers, identified as the Qilin group, are suspected of a ransomware attack disrupting several London hospitals' operations.
  • The attack targeted Synnovis, leading to the cancellation of pathological operations and was labeled a “critical incident” by NHS officials.
  • This incident is part of a broader pattern of cyberattacks on the NHS, highlighting the healthcare sector's vulnerability.

Russian hackers are believed to be behind a major ransomware attack that has disrupted operations at several London hospitals, including St Thomas, the Royal Brompton, and the Evelina London Children’s Hospital. 

The attack, which was labeled a “critical incident” by NHS officials, targeted Synnovis, a pathology services firm. It affected blood transfusions and consequently led to the cancellation of pathological operations in the affected hospitals.

During the BBC Radio 4 program, Former National Cyber Security Centre chief executive Ciaran Martin said the attack was believed to be the work of a Russian cybercriminal gang called Qilin.

Available reports show that Qilin is a known ransomware group operating on the dark web. It has previously attacked automotive companies and Australian courts.

Healthcare Falls Victim to Cyberattacks

This incident is part of a broader pattern of cyberattacks on the UK’s National Health Service (NHS).

In June of last year, another Russian cybercrime gang, BlackCat, hacked the Barts Health NHS Trust, which operates several hospitals in London, and published some of the stolen data online in an extortion attempt. The incident resulted in the theft of over 70 terabytes of sensitive data, including personal, financial, and internal hospital information.

In a similar event last month, a group called INC Ransom published three terabytes of data obtained from a hack of the NHS Dumfries and Galloway in Scotland.

A new study from cybersecurity firm Blackfog suggests that the healthcare sector is the most targeted by ransomware attacks.

The NHS has 229 trusts across the UK and manages one of the most comprehensive national health datasets globally. This is why it’s faced numerous cybersecurity challenges in the past few years.

Due to its low tolerance to downtime and rich data, it’s no surprise that financially motivated cybercriminals increasingly target healthcare organizations, seeking to disrupt IT systems and extort huge ransom payments.

The 2017 WannaCry attack, which affected about a third of NHS trusts, demonstrates how ransomware attacks on healthcare systems can jeopardize an entire nation’s healthcare operations.