An investigation is underway into a ransomware attack on London hospitals by the Russian group Qilin, which could take weeks to complete, according to the country's state-run National Health Service. The attack occurred on June 3, affecting NHS provider Synnovis, which offers pathology services primarily in southeast London.
As a result of the attack, hundreds of operations and appointments have been canceled, causing significant disruptions to services, particularly blood transfusions. The attack impacted King’s College, Guy’s and St Thomas’ hospital trusts, as well as clinics and doctors’ practices across south London.
NHS England has confirmed that data related to the attack have been published online, including patient names, dates of birth, and descriptions of blood tests. The National Crime Agency and National Cyber Security Centre are working to verify the data, which could take weeks due to the complexity of the investigation.
Reports suggest that records covering 300 million patient interactions, including blood test results for HIV and cancer, were stolen during the attack. A website and helpline have been set up for affected patients to address their concerns and provide support.
Ransomware attacks involve criminals using malware to paralyze computer systems and demanding payment for their release. These attacks are highly disruptive and costly, affecting various sectors including local governments, hospitals, and businesses.
This incident is not the first time the UK's health system has been targeted by ransomware, with a similar attack occurring in 2017. Qilin, also known as Agenda, is a cybercriminal group that advertises on dark web forums and leases malware to affiliates for conducting attacks in exchange for a percentage of ransom payments.
The National Crime Agency is leading the criminal investigation into the attack, but further details have not been disclosed. The complexity of the investigation and the challenges posed by cybercriminal gangs based in former Soviet states make combating ransomware attacks a difficult task for law enforcement agencies.