London hospital vulnerabilities were known years before cyberattack

Image credit: Shutterstock (Image credit: Shutterstock)

Five London hospitals had to cancel operations and divert incoming ambulances as a result of a cyberattack against the Guy’s and St Thomas’ NHS Foundation Trust in June 2024

Since then, several hundred operations have been postponed or rescheduled, and the NHS has called for O negative blood donors to donate in a nation-wide push.

Vulnerabilities known for years

According to the documents, which include publicly available information on board of director’s meetings, the Guy’s and St Thomas NHS Foundation Trust frequently failed to meet data security standards, with the board of directors questioning the risks posed to hospital IT systems and their third-party supply chain as recently as January 2024.

In the attack that took place at the beginning of June, the attackers struck Synnovis, the trust’s pathology services provider, forcing hospitals to rely on handwritten records and postpone a range of medical procedures.

In minutes taken from meetings, the board of directors pursued a number of IT modernization programs to increase the trusts’ cybersecurity capabilities, with a meetings in January this year commending that IT infrastructure across the trust was “configured to a good standard,” but concerns were continually raised about third party interfaces, including Synnovis.

The attack has been attributed to a Russian ransomware group identified as Qilin, who have emerged as a cross-sector ransomware threat since 2022. Hospitals are increasingly becoming a favorite target for ransowmare gangs thanks to their sensitive medical data and wide ranging third-party equipment providers, which provide a large attack surface.

Speaking on the attack, Mark Dollar, CEO of Synnovis said, “We take cybersecurity very seriously at Synnovis and have invested heavily in ensuring our IT arrangements are as safe as they possibly can be. This is a harsh reminder that this sort of attack can happen to anyone at any time and that, dispiritingly, the individuals behind it have no scruples about who their actions might affect.”

More from TechRadar Pro

Here are the best endpoint protection services
Ascension healthcare giant forced to take systems offline following cyberattack
Keep your device protected with the best antivirus

Benedict has been with TechRadar Pro for over two years, and has specialized in writing about cybersecurity, threat intelligence, and B2B security solutions. His coverage explores the critical areas of national security, including state-sponsored threat actors, APT groups, critical infrastructure, and social engineering.

Benedict holds an MA (Distinction) in Security, Intelligence, and Diplomacy from the Centre for Security and Intelligence Studies at the University of Buckingham, providing him with a strong academic foundation for his reporting on geopolitics, threat intelligence, and cyber-warfare.

Prior to his postgraduate studies, Benedict earned a BA in Politics with Journalism, providing him with the skills to translate complex political and security issues into comprehensible copy.