(844) 627-8267
(844) 627-8267

Russian cyber criminals thought to be behind NHS attack | #hacking | #cybersecurity | #infosec | #comptia | #pentest | #ransomware


A group of Russian cyber criminals called Qilin is believed to be behind the NHS ransomware attack which crippled three major London hospitals on Tuesday.

Ciaran Martin, the first head of GCHQ’s National Cyber Security Centre (NSCS), was asked who was behind the attack and told BBC Radio 4’s Today programme: “We believe it is a Russian group of cyber criminals called Qilin.

“These criminal groups operate freely from Russia. They’ve got websites on the so-called dark web. This particular group has about a two-year history of attacking various organisations across the world.”

Separately, a source confirmed to The Telegraph that Qilin was understood to be behind the attack.

It is believed that the firm has links to Russian president Vladimir Putin and is threatening to expose patient data unless a fee is paid.

The Telegraph understands executives within Synnovis, the company which operates the system which was targeted on Tuesday, have privately called the situation a “nightmare”.

Board members have spoken of “internal chaos” as they clamour to resolve the issue amid growing concerns for patient safety.

In March, Qilin claimed responsibility for breaking into the Big Issue Group’s IT systems and stealing confidential data.

‘They are simply looking for money’

Qilin first emerged in 2022 and has been responsible for 29 ransomware attacks globally this year, according to research by Comparitech.

Mr Martin said the group has attacked vehicle manufacturing firms, the Big Issue and Australian courts, adding: “They are simply looking for money. It’s unlikely they would have known that they would have caused such serious primary health care disruption when they set out to attack the company.”

He said it was a “more serious ransomware attack where the system just doesn’t work”.

Healthcare workers in the trusts affected are unable to see patient results as a consequence of the attack, Mr Martin said. Similar attacks have taken place around the world.

Mr Martin said Synnovis, which provides pathology services to large hospitals and GP surgeries in the capital, would be allowed to pay a ransom because it is not a government body.

The company was formed from a partnership between SynLab UK and Ireland, Guy’s and St Thomas’ NHS Foundation Trust and King’s College Hospital NHS Foundation Trust.

Pathology services help with the diagnosis and treatment of illnesses and infections by analysing samples, including blood and tissue.

NHS leaders said there had been a “significant impact” on King’s College Hospital, Guy’s and St Thomas’ and GP services in south-east London.

The Department of Health and Social Care said it was working with the NCSC following the attack.

Patients awaiting operations and other tests have faced last-minute cancellations or been redirected to other NHS providers as hospital bosses try to establish what work can be carried out safely. 

It is understood that blood tests and transfusions have been most severely impacted. Elective surgeries at King’s College have been cancelled and there are delays of up to 10 hours for blood tests in A&E.

——————————————————–


Click Here For The Original Source.

.........................

National Cyber Security

FREE
VIEW