Search This Blog

Powered by Blogger.

Blog Archive

Labels

Showing posts with label Hospital. Show all posts

Why Cybercriminals Keep Targeting the NHS: Insights into the Latest Attack

 


In a statement released on 3 June, NHS England confirmed that the patient data managed by the company Synnovis for blood testing was stolen in a ransomware attack. In a threat to extort money from Synnovis, a group of Russian cybercriminals called Qilin shared almost 400GB of personal information through their darknet site on Thursday night, which they had threatened to do. There is no evidence to indicate that test results have been published, according to a statement issued by NHS England. However, the company said that investigations are still ongoing. 

As a shocking development has recently occurred, the NHS has announced it has been a victim of a major cyber attack targeting a company known as Synnovis. Synnovis, formerly known as Viapath, offers pathology services to hospitals across the country. The hospital is a partnership between Guy’s and St Thomas NHS Foundation Trust and King’s College Hospital NHS Foundation Trust. It is possible that millions of sensitive health information of NHS patients across England could have been compromised by the attack, which happened on June 22nd. 

As of Monday 3 June, Synnovis - a pathology partnership between Guy's and St Thomas' NHS Foundation Trust, King's College Hospitals NHS Trust and SYNLAB - suffered a ransomware cyber attack, disrupting their operations. There is no denying that this attack has been one of the worst in the history of medicine in the UK. It has resulted in an extremely significant decrease in the number of tests that can be processed and reported to clinical teams as a result of this attack. King's College Hospital and Guy's and St Thomas Hospital have been postponing 1,134 elective procedures and 2,194 outpatient appointments since 3 June, which means the total number of elective procedures and outpatient appointments cancelled. 

In the wake of the attack, which was allegedly perpetrated by a Russian criminal gang, Qilin has posted over 400GB of sensitive data to a darknet site that has been used to hide data. Among the data are names, dates of birth, NHS numbers, as well as descriptions of blood tests that were performed. Moreover, a spreadsheet detailing financial arrangements between hospitals, general practitioners, and Synnovis is also found. Qilin has also claimed to have attacked a ‘protest’ but declined to give any further details about their political affiliation or location. 

In the recent past, Synnovis, a partnership between two London hospitals and SYNLAB providing pathology services, has been a victim of a cyberattack. In the past week, a group has claimed responsibility for the attack and published information online,” Snnaovis said in a press release. Even though there have been no indications that the Laboratory Information Management System (LIMS) databases, which are crucial for supporting lab operations and storing patient test requests and results, have been compromised, or that they are available online, there are no signs that they have been. 

An analysis of the stolen data by the BBC revealed that it included the names of patients, birth dates, NHS numbers, and blood tests described by the patient, an act which has been described as the "most significant and harmful cyber attack ever committed in the United Kingdom." It has also been found that business account spreadsheets are being used to take notes about the financial arrangements between hospitals, GP services, and Synnovis. Ransomware hackers have infiltrated the company's computer systems, which are used by two NHS trusts in London, and encrypted vital information, resulting in the inability to use its IT systems. 

The cybercriminals also downloaded as much information as possible to further extort the company for a ransom payment, as is often the case with cybercriminals. Neither Synnovis nor the hackers have disclosed how much money the hackers requested from Synnovis, nor have negotiations been held between the two organizations. Qilin, however, has published some of the data, which could be all of it, so they haven't been paying. In an encrypted message sent to the BBC by the cyber attackers, the cyberattackers explained that they were targeting Synnovis intentionally to punish the UK for not participating enough in an unspecified war. 

In the NHS England statement, it was stated that the company continues to work closely with Synnovis and the National Crime Agency. A helpline has been established by NHS England for people affected by the attack and the organisation will continue to share updates, but "investigations of this type are complex and take time to complete." During the NHS, these systems are used to securely transfer patient data from one part of the healthcare system to another, raising serious questions about the safety and privacy of the data that is shared amongst members of the system. Officials at the National Health Service (NHS) are scrambling to assess the extent of the breach and find out exactly what information may have been exposed as a result of the breach. 

There have been assurances from the authorities that need-to-know services will remain fully operational for the time being, but some appointments and services not urgent in nature may need to be rescheduled to ensure the secure restoration of systems that have been affected. According to Synnovis, all affected systems have been taken offline as a precautionary measure, and as the company investigates the incident in partnership with the National Cyber Security Centre, the NHS is also investigating the incident. While many do not understand how such a crucial part of the NHS' digital infrastructure can be left vulnerable to such a heinous attack, a few have made a suggestion. As cyber security threats become increasingly sophisticated, there is now a growing concern about whether the NHS is capable of protecting itself from inherently secure threats. 

A call to action has been issued urging people to be more vigilant and to report any suspicious communications they receive claiming to be from the NHS immediately. It's becoming more obvious every day that the scale and impact of this unprecedented attack on England's health service are far from being known, but public confidence in the NHS's ability to keep personal data secure is at stake as more details emerge. In the last few months, there have been shockwaves throughout the healthcare sector as well as beyond it. Identifying impacted individuals can be a complicated process and can take up to a week for the investigation to be complete. As a result, local health systems have collaborated to ensure that patients' health impacts are managed promptly, that urgent blood samples are processed and that historical health records are accessible by laboratories.

Ransomware Attacks in Healthcare: A Threat to Patient Safety

Ransomware Attacks in Healthcare: A Threat to Patient Safety

Ransomware attacks in Healthcare: A threat to patient safety

A ransomware attack on a major U.S. hospital network has been endangering patients’ health. Nurses are forced to manually enter prescription information and work without electronic health records cyberattacks have become an alarming concern for healthcare institutions worldwide. 

The recent ransomware attack on Ascension Providence Rochester Hospital in the United States highlights the critical need for robust cybersecurity measures within the healthcare sector.

The incident

The hospital’s computer systems were compromised by malicious actors who infiltrated their network. The attackers deployed ransomware, encrypting critical files and rendering electronic health records (EHRs) inaccessible. Suddenly, nurses were navigating a chaotic environment where paper records replaced digital ones. The impact was immediate and far-reaching.

Patient safety at risk

  • Manual Processes: Nurses were forced to revert to manual processes for tasks that were previously automated. Prescription orders, patient histories, and treatment plans had to be recorded on paper. This shift disrupted workflows, increased administrative burden, and introduced the risk of errors.
  • Delayed Care: With EHRs offline, accessing patient information became time-consuming. Nurses had to physically search for records, leading to delays in providing care. In emergencies, every second counts, and any delay could jeopardize patient well-being.
  • Medication Errors: Manually transcribing medication orders is error-prone. Misreading handwritten notes or mistyping dosage instructions can have serious consequences. Patient safety hinges on accurate and timely administration of medications, and the ransomware attack disrupted this critical process.
  • Communication Challenges: Collaborating with physicians, pharmacists, and other healthcare professionals became challenging. Without EHRs, nurses struggled to share vital patient information efficiently. Effective communication is essential for coordinated care, and the attack hindered this aspect.

The broader implications

  • Financial Impact: Beyond patient safety, the financial toll of ransomware attacks is substantial. Hospitals must allocate resources to recover data, strengthen security, and address vulnerabilities. These costs divert funds from patient care and research.
  • Public Trust: Patients rely on hospitals to safeguard their sensitive information. A breach erodes trust and raises privacy concerns. Hospitals must transparently communicate such incidents to maintain public confidence.
  • Preventive Measures: Healthcare institutions must prioritize cybersecurity. Regular security audits, employee training, and robust backup systems are essential. Proactive measures can prevent attacks or minimize their impact.
Healthcare organizations must invest in cybersecurity infrastructure, collaborate with experts, and stay vigilant. Patient safety is non-negotiable, and protecting it requires a collective effort. Let us learn from this event and fortify our defenses against cyber threats in the healthcare sector.