Qilin ransomware attack disrupts London NHS Services; 6,000 appointments canceled
July 2024 by Matt Aldridge, Principal Solutions Consultant at OpenText Security Solutions
Over a month after a Qilin ransomware attack on Synnovis, the pathology services partner of two central London NHS trusts, Guy’s and St Thomas’ NHS Foundation Trust and King’s College Hospital NHS Foundation Trust, both trusts are still grappling with significant disruption, with over a thousand appointments and hundreds of medical procedures being cancelled each week.
During the week ending July 7, 2024, NHS England London reported 1,286 acute outpatient appointments and 100 elective procedures were postponed. The attack has postponed 6,199 acute outpatient appointments and 1,491 elective procedures in the past five weeks.
Matt Aldridge, Principal Solutions Consultant at OpenText Cybersecurity, commented on the news:
"We have seen an influx of cyberattacks on the healthcare sector, especially towards those with bigger infrastructures such as the NHS. These figures certainly raise alarms and showcase the gravity of the impact these attacks can have on patient outcomes.
Cancelling appointments of patients in need may be a quick fix, but can cause huge anxiety and suffering to those awaiting medical interventions. As medical facilities’ services are essential and often cannot be disrupted without severe risk to patients, the industry is very much in the crosshairs of cybercrime and therefore requires strong cyber resilience strategies to limit outages, preserve continuity of patient care and prevent sensitive data loss.
This attack highlights how critical it has become for healthcare service providers to not only ensure robust cyber resilience within their own organisations and infrastructure, but also to assess and validate the security posture of their critical supply chains. Compliance frameworks and standards such as NIS2 and DORA are showing the way in this regard, and serious consideration should be given to how these lessons can most effectively be applied to healthcare services in the UK. The proposed UK revisions to the 2018 NIS regulations do not appear to tackle this issue.
Cyberattacks pose massive risks to patient privacy, operations, and public trust in the healthcare infrastructure. Healthcare providers should prioritise improving their cybersecurity infrastructure with advanced threat detection mechanisms. They should securely back up their data, so systems can be quickly restored, but they must ensure the backups are protected with encryption to prevent data loss through this mechanism. Other best practices include implementing cybersecurity technology such as email filtering, anti-virus protection, strong password policies and multi-factor authentication. Also, security awareness training should be implemented for staff from day one, ensuring they are vigilant in scrutinising the types of emails, messages and phone calls they receive.
It is incredibly important to adopt a multi-layered approach when it comes to a cyber defence strategy. Ultimately, the greater the diversity of processes, tools, and technologies an organisation has in place to protect and recover data, the less likely an attack will succeed, and therefore disruption such as appointment cancellations and patient delays can be avoided."