By D. Maan, Jadetimes News
Cyber Gang Targets London Hospitals
A gang of cybercriminals has caused significant disruption to multiple London hospitals by publishing sensitive patient data stolen from an NHS blood testing company. Overnight on Thursday, the group known as Qilin shared nearly 400GB of private information on their darknet site. The gang has been attempting to extort money from NHS provider Synnovis since hacking the firm on June 3.
Significant Data Breach
Cybersecurity expert Ciaran Martin described the incident to as "one of the most significant and harmful cyber attacks ever in the UK." The stolen data includes patient names, dates of birth, NHS numbers, and descriptions of blood tests, though it remains unclear if test results were also compromised. The breach has disrupted over 3,000 hospital and GP appointments and operations, impacting numerous patients, including a teenager receiving cancer treatment.
Response and Investigation
Synnovis acknowledged the severity of the situation, stating, "We know how worrying this development may be for many people. We are taking it very seriously and an analysis of this data is already underway." The company is working with the National Cyber Security Centre and other partners to quickly determine the content of the published files. The ransomware attack involved the hackers infiltrating Synnovis' computer systems, encrypting critical information, and rendering IT systems inoperable.
Ransom Demands and Law Enforcement
As is common with ransomware attacks, the hackers downloaded extensive private data to extort the company for a ransom payment in Bitcoin. It is not known how much money was demanded or if Synnovis entered negotiations, but the publication of some, if not all, of the data suggests that no payment was made. Law enforcement agencies worldwide regularly advise against paying ransoms, as it fuels criminal activities and does not guarantee that the attackers will honor their promises.
Increasing Threat to Healthcare
Ransomware expert Brett Callow from Emsisoft noted that healthcare organizations are increasingly targeted by cybercriminals due to the potential for significant harm and large ransom payments. "Cybercriminals go where the money is, and unfortunately, the money is in attacking the healthcare sector," he explained. The gang, believed to be based in Russia, claimed to have targeted Synnovis to punish the UK for not providing enough aid in an unspecified war, a claim dismissed by Ciaran Martin as "absolute garbage" with purely financial motives. This attack underscores the urgent need for healthcare systems to become more resilient to withstand multiple cyber threats simultaneously.