NHS Hospitals in London Hit by Qilin Ransomware Attack
Hospitals in Southeast London are reeling from a ransomware attack by the Russian group Qilin, which has disrupted operations and led to postponed appointments. The attack on Synnovis, a pathology service provider for the NHS, has affected numerous hospitals and clinics across the city.
Qilin demanded £40 million in Bitcoin to prevent the release of sensitive patient data, but the ransom was not paid. The group has since published 400 gigabytes of patient data, including birthdates, blood test results, HIV, and cancer test results, affecting thousands of patients who will now need to be retested. The NHS is currently verifying the authenticity of the leaked data, a process that could take weeks.
This is not the first time healthcare providers have been targeted by ransomware attacks. In February 2023, the US experienced the most severe healthcare sector attack, with Change Healthcare being hacked and paying $22 million in Bitcoin to Russian ransomware hackers ALPHV. That attack resulted in over a thousand surgeries and consultations being canceled, with systems down for over two weeks. Healthcare providers are attractive targets due to outdated infrastructure and the potential for high ransoms, with severe consequences if systems are not restored quickly. Qilin operates using the 'Ransomware-as-a-Service' model, providing malware and infrastructure to other hackers in exchange for a share of the ransom proceeds.
The attack on Synnovis serves as a stark reminder of the vulnerability of healthcare providers to cyberattacks. As technology advances, so too do the methods used by cybercriminals to exploit it. The NHS and other healthcare providers must prioritize cybersecurity to protect patient data and ensure the smooth running of vital services.
