Cybersecurity

The Aftermath of a U.K. Cyberattack: Blood Shortages and Delayed Operations


Several London hospitals, still under significant strain more than a week after a cyberattack crippled services, have asked medical students to volunteer to help minimize disruption, as thousands of blood samples have had to be discarded and operations postponed.

The ransomware attack on Synnovis, a private firm that analyzes blood tests, has crippled services at two major National Health Service hospital trusts, Guy’s and St. Thomas’ and King’s College, which described the situation as “critical.”

According to a memo leaked in recent days, several London hospitals asked medical students to volunteer for 10- to 12-hour shifts. “We urgently need volunteers to step forward and support our pathology services,” said the message, which was reported earlier by the BBC. “The ripple effect of this extremely serious incident is felt across various hospital, community and mental health services in our region.”

The attack also disrupted blood transfusions, and the N.H.S. appealed to the public this week for blood donors with O-negative blood types, which can be used in transfusions for any blood type, and O-positive blood types, which is the most frequently occurring blood type, saying it could not match patients’ blood at the same frequency as usual.

While the N.H.S. has declined to comment on which group was suspected of carrying out the attack, Ciaran Martin, a former head of British cybersecurity, told the BBC last week that a Russian cybercriminal group known as Qilin was most likely the perpetrator. Synnovis said last week in a statement that it was working with the British government’s National Cyber Security Center to understand what had happened.

Synnovis, in an email sent Monday to primary health providers, said that thousands of blood test samples would probably have to be destroyed because of the lack of connectivity to electronic health records. In a statement on Wednesday, Synnovis said that the I.T. system had been down for too long for samples taken last week to be processed.

The N.H.S., which most people in Britain rely on for medical care, has significantly stepped up its investments in cybersecurity since 2017, when a ransomware attack wreaked havoc on its computer systems and forced the cancellation of nearly 20,000 hospital appointments and operations.

Since the cyberattack, some N.H.S. medical practitioners at affected hospitals have resorted to using pen and paper to record test results, with limited access to computerized blood test records. Recording results by hand can lead to higher rates of mistakes and can reduce capacity for blood tests, resulting in reduced capacity for emergency operations, said Jamie MacColl, a research fellow focused on cybersecurity at the Royal United Services Institute, a British think tank.

“The whole thing doesn’t break down, but it is under significant strain,” Mr. MacColl said. There have been far fewer successful ransomware attacks on the N.H.S., which does not pay ransoms, than on U.S. health care providers, which are more susceptible to being extorted, he said.

Rebecca Wright, a professor focused on cybersecurity at Barnard College, said hospitals were particularly susceptible to ransomware attacks because they are hard to secure, often relying on a patchwork of different systems and third-party suppliers.

The primary goal of the attacks is not always to steal the hospital’s data, she said, but to paralyze or disrupt services to such an extent that providers are more likely to pay ransoms.

U.S. authorities say that paying ransom helps to perpetuate a cycle that can lead to an increasing number of attacks on hospitals. But for health care providers, paying ransoms can cost less than rebuilding computer systems.

Ransomware payments around the world exceeded $1 billion last year, a record high, according to Chainanalysis, a U.S. blockchain analysis firm. The top five highest grossing ransomware variants in 2021 were connected to Russian cybercriminals, according to the U.S. Treasury’s Financial Crimes Enforcement Network, which aims to safeguard the financial system from illicit use.

In February, a cyberattack on Change Healthcare, which manages of a third of all U.S. patient records, caused major disruptions to payments including routine drug prescription orders and expensive surgeries. At a Senate hearing last month, Andrew Witty, the chief executive of UnitedHealth Group, the parent of Change, acknowledged that the company paid a $22 million ransom to the attackers.

And just weeks ago, Ascension, one of the U.S.’s largest health systems, with about 140 hospitals, was hit by a large-scale cyberattack. Doctors and nurses at Ascension hospitals have had little access to digital records for patient histories and have used paper and fax instead.

Ascension said on Wednesday that the attacker had gained access to its systems after an employee accidentally downloaded a malicious file that they thought was legitimate. The company said that it had no evidence that data was taken from its electronic medical record system and that it was still working to restore access to electronic health records across its network, which it aimed to do by Friday.



Source

Related Articles

Back to top button