A ransomware attack on a private company that analyses blood tests has crippled services at two major NHS hospital trusts.
Several London hospitals, still under significant strain more than a week after a cyberattack crippled services, have asked medical students to volunteer to help minimise disruption, as thousands of blood samples have had to be discarded and operations postponed.
The ransomware attack on Synnovis, a private firm that analyses blood tests, has crippled services at two major National Health Service hospital trusts, Guy’s and St Thomas’ and King’s College, which described the situation as “critical”.
According to a memo leaked in recent days, several London hospitals asked medical students to volunteer for 10- to 12-hour shifts. “We urgently need volunteers to step forward and support our pathology services,” said the message, which was reported earlier by the BBC. “The ripple effect of this extremely serious incident is felt across various hospital, community and mental health services in our region.”
The attack also disrupted blood transfusions, and the NHS appealed to the public this week for blood donors with O-negative blood, which can be used in transfusions for any blood type, and O-positive blood, which is the most frequently occurring blood type, saying it could not match patients’ blood at the same frequency as usual.
While the NHS has declined to comment on which group was suspected of carrying out the attack, Ciaran Martin, a former head of British cybersecurity, told the BBC last week that a Russian cybercriminal group known as Qilin was most likely the perpetrator. Synnovis said last week in a statement that it was working with the British government’s National Cyber Security Centre to understand what had happened.
Synnovis, in an email sent on Monday to primary health providers, said that thousands of blood test samples would probably have to be destroyed because of the lack of connectivity to electronic health records. In a statement on Wednesday, Synnovis said that the IT system had been down for too long for samples taken last week to be processed.
The NHS, which most people in Britain rely on for medical care, has significantly stepped up its investments in cybersecurity since 2017, when a ransomware attack wreaked havoc on its computer systems and forced the cancellation of nearly 20,000 hospital appointments and operations.
The cyber threats add to pressure on the NHS, which is already facing a deep crisis over budget cuts and staffing shortages.
Since the cyberattack, some NHS medical practitioners at affected hospitals have resorted to using pen and paper to record test results, with limited access to computerised blood test records. Recording results by hand can lead to higher rates of mistakes and can reduce capacity for blood tests, resulting in reduced capacity for emergency operations, said Jamie MacColl, a research fellow focused on cybersecurity at the Royal United Services Institute, a British think-tank.
“The whole thing doesn’t break down, but it is under significant strain,” MacColl said. There have been far fewer successful ransomware attacks on the NHS, which does not pay ransoms, than on US healthcare providers, which are more susceptible to being extorted, he said.
Recent large-scale cyberattacks affecting US hospitals have rattled healthcare systems.
Rebecca Wright, a professor focused on cybersecurity at Barnard College in New York City, said hospitals were particularly susceptible to ransomware attacks because they are hard to secure, often relying on a patchwork of different systems and third-party suppliers.
The primary goal of the attacks is not always to steal the hospital’s data, she said, but to paralyse or disrupt services to such an extent that providers are more likely to pay ransoms.
US authorities say that paying ransoms helps to perpetuate a cycle that can lead to an increasing number of attacks on hospitals. But for healthcare providers, paying ransoms can cost less than rebuilding computer systems.
Ransomware payments around the world exceeded US$1 billion last year, a record high, according to Chainalysis, a US blockchain analysis firm. The top five highest grossing ransomware variants in 2021 were connected to Russian cybercriminals, according to the US Treasury’s Financial Crimes Enforcement Network, which aims to safeguard the financial system from illicit use.
In February, a cyberattack on Change Healthcare, which manages one-third of all US patient records, caused major disruptions to payments, including routine drug prescription orders and expensive surgeries. At a Senate hearing last month, Andrew Witty, the CEO of UnitedHealth Group, the parent of Change, acknowledged that the company paid a US$22 million ransom to the attackers.
And just weeks ago, Ascension, one of the United States’ largest health systems, with about 140 hospitals, was hit by a large-scale cyberattack. Doctors and nurses at Ascension hospitals have had little access to digital records for patient histories and have used paper and fax instead.
Ascension said on Wednesday that the attacker had gained access to its systems after an employee accidentally downloaded a malicious file that they thought was legitimate. The company said that it had no evidence that data was taken from its electronic medical record system and that it was still working to restore access to electronic health records across its network, which it aimed to do by Friday.