London Hospitals Face Major Disruptions After Cyberattack

Several major hospitals in London have been crippled by a cyberattack, Britain’s National Health Service said, causing surgical procedures to be canceled, disrupting blood transfusions and forcing patients to be diverted.

The N.H.S. said on Monday that the ransomware cyberattack on Synnovis, an organization that manages blood transfusions and other services, had significantly disrupted the delivery of services at King’s College and Guy’s and St. Thomas’ hospital trusts, which run several major hospitals. The attack has also caused disruptions to primary care offices in London.

“We apologize for the inconvenience this is causing to patients and their families,” the health service said on Tuesday. Emergency care services were still available, the statement added.

Mark Dollar, the chief executive of Synnovis, said on Tuesday that the company was working to understand the impact of the attack on its pathology services and to minimize disruption. “It is still early days and we are trying to understand exactly what has happened,” he said in a statement.

Ciaran Martin, a former head of British cybersecurity, told BBC Radio 4 on Wednesday that a Russian cybercriminal group known as Qilin was most likely behind the attack.

“It’s the more serious type of ransomware, where the system just doesn’t work,” Mr. Martin said. “If you’re working in health care in this trust, you’re just not getting those results, so it’s actually seriously disruptive.”

The attack highlights cybersecurity risks for the N.H.S., which has come under criticism for having outdated software that is vulnerable to malware and ransomware. Just a few weeks ago, cybercriminals attacked an N.H.S. trust in Dumfries and Galloway in Scotland, gaining access to a large volume of patient data, though appointments and other health care services were not interrupted there.

The most wide-scale attack on the N.H.S. was the 2017 WannaCry attack, a ransomware attack that affected organizations in nearly 100 countries, including more than a third of the N.H.S. trusts. The health service was forced to cancel nearly 20,000 hospital appointments and operations, and diverted patients from five emergency departments that were unable to treat them. The previous year, the Northern Lincolnshire and Goole N.H.S. Foundation Trust was also hit by ransomware attacks, according to a report from Britain’s National Audit Office.

The British government said last year that the N.H.S. was much better prepared for ransomware attacks than it was in 2017, with 21 million malicious emails blocked every month. Last year, the government laid out a new strategy that it said would help protect the health service by 2030, including by offering cybersecurity training to its work force.

Recovering from cyberattacks can take weeks or months. A criminal group attacked the British Library, the country’s national library, in late October, preventing scholars from accessing its online systems, including email. The criminal group also stole data, which it later tried to auction online.

Eight months later, the British Library, whose collection includes two of the four surviving copies of Magna Carta, is still working to recover from the attack. Other organizations that have experienced similar attacks have taken over a year to fully restore operations, the library said.