The cyber attack at health service laboratory partner Synnovis in South London has been attributed to the Russia-based Qilin ransomware gang. The attack, which began on June 3, has disrupted primary care functions across several NHS trusts. The attack has particularly impacted Guy’s and St Thomas’ NHS Foundation Trust, King’s College NHS Foundation Trust, South London and Maudsley NHS Foundation Trust, and Oxleas NHS Foundation Trust, as well as GP surgeries, clinics, and services in several boroughs in South London.
Former National Cyber Security Centre chief executive Ciaran Martin believes that Qilin is behind the attack. The gang is likely seeking a quick payoff and did not anticipate causing such significant disruption. Due to the UK government’s policy against public sector organisations paying ransoms, it is unlikely that the gang will receive any money. However, since Synnovis is a private sector organisation, it is not bound by the same restrictions.
Mark Dollar, CEO of Synnovis, apologized for the disruption caused by the ransomware attack. He expressed that efforts are being made to minimize the impact and keep affected parties informed about the situation.
The incident serves as a reminder of the potential impact of cyber attacks on any organization and the lack of consideration shown by those behind such attacks. Synnovis and the NHS are working together to assess the impact of the attack and take appropriate action to address the situation.
Unfortunately, such attacks are increasingly common in the healthcare sector, with ransomware gangs frequently targeting organizations holding valuable data. The healthcare sector’s vulnerability is exacerbated by legacy technology, reliance on third-party suppliers, and inadequate security awareness training for staff.
The Qilin ransomware gang, known for its double extortion tactic, has been notably active in recent years. Their attack on a UK-based publisher and social enterprise earlier in 2024 highlighted the potential threats posed by the group.