Russian cyber gang suspected of ransomware attack on London hospitals

A Russian cyber gang has been blamed fora ransomware cyber-attack which hit major London hospitals forcing a critical incident to be declared and operations cancelled.

Emergency patients were diverted to hospitals that had not partnered with Synnovis – a provider of pathology services.

Synnovis “was the victim of a ransomware cyberattack”, according to chief executive Mark Dollar who added: “This is a harsh reminder that this sort of attack can happen to anyone at any time and that, dispiritingly, the individuals behind it have no scruples about who their actions might affect.”

Ciaran Martin, the ex-chief executive of the National Cyber Security Centre, told BBC Radio 4’s Today programme a Russian gang was behind the attack. He said: “Yes. We believe it is a Russian group of cyber criminals who call themselves Qilin.

“These criminal groups – there are quite a few of them – they operate freely from within Russia, they give themselves high-profile names, they’ve got websites on the so-called dark web, and this particular group has about a two-year history of attacking various organisations across the world.”

The NHS said it was working with the National Cyber Security Centre to understand the impact of the attack which hit King’s College Hospital, Guy’s and St Thomas’ – including the Royal Brompton and the Evelina London Children’s Hospital.

It was reported the incident had a “major impact” on the delivery of services, especially blood transfusions and test results and, as a result, some departments could not connect to a main server.

London boroughs were affected with GP services across Bexley, Greenwich, Lewisham, Bromley, Southwark and Lambeth being disrupted.

Synnovis was formed from a partnership between SYNLAB UK & Ireland, Guy’s and St Thomas’ NHS Foundation Trust, and King’s College Hospital NHS Foundation Trust.

Cyber policies offered by W Denis provide more than just insurance, they are inclusive of additional services which help to mitigate the impact of a data breach/hack etc, including PR services to manage the crisis, forensics to investigate the root cause and expertise to eradicate the issue. Locked systems and ransomware can be catastrophic to a business. Prudent risk managers who buy comprehensive cyber insurance gain access to a wide range of support services to help the business in the event of a claim in addition to ransomware payment negotiations.

To discuss this further with a broker at W Denis, please make arrangements with Daniel Moss at [email protected] or on 0044 (0)113 2439812 or contact Mark Dutton at [email protected] or on 0044 (0) 7831 366 469.

Specialist contact

Mark Dutton

Executive Director / Group Head of Broking & Business Development

T. +44 (0) 7831 366 469

E. [email protected]

Arrange a call back