The London NHS trust cyberattack that forced hospitals to cancel operations, divert ambulances, and launch a nation-wide call for blood donations has claimed by a Russian hacking group known as Qilin.
The group is demanding $50 million from Synnovis, the target of the attack, upon which the Guy’s and St Thomas’ NHS Foundation Trust relies on for pathology services.
Vulnerabilities known for years
Following the attack, publicly available documents from the Trust’s board of director’s meetings show that questions were frequently raised about the risks posed to the hospitals by the Synnovis pathology services company.
Around 800 operations were canceled alongside roughly 700 outpatient appointments following the attack. A Synnovis spokesperson said, "The investigation into the attack continues, including any possible impact to data."
Speaking through a Qilin messaging account (via Bloomberg), a representative said that they had abused a zero day exploit to attack Synnovis systems, and also argued that the group is not responsible for any harm done and that their attack was an act of retaliation against the UK government's support for unnamed wars.
Mark Dollar, CEO of Synnovis, said in a statement in the aftermath of the attack that "We take cybersecurity very seriously at Synnovis and have invested heavily in ensuring our IT arrangements are as safe as they possibly can be. This is a harsh reminder that this sort of attack can happen to anyone at any time and that, dispiritingly, the individuals behind it have no scruples about who their actions might affect."
"The incident is being reported to law enforcement and the Information Commissioner, and we are working with the National Cyber Security Centre and the Cyber Operations Team," Dollar continued.
More from TechRadar Pro
- Here is our guide to the best ransomware protection
- Hospital helpdesks targeted by hackers — US Health Department warns health services are under threat
- These are the best endpoint protection services around
