Home News Aftermath of UK cyberattack: Blood shortages and delayed operations

Aftermath of UK cyberattack: Blood shortages and delayed operations


More than a week after a cyber attack paralysed services at several London hospitals, which remain under severe pressure, medical students have been asked to volunteer to help limit disruption as thousands of blood samples have had to be discarded and operations postponed.

this Ransomware attacks The incident at Synnovis, a private company that analyses blood tests, has paralysed services at two major NHS hospital trusts, Guy’s Hospital and St Thomas’ and King’s, which described the situation as “critical”.

Several London hospitals are asking medical students to volunteer for 10- to 12-hour shifts, according to a memo leaked in recent days. “We urgently need volunteers to come forward and support our pathology services,” the message said. BBC“The ripple effects of this extremely serious incident are felt across our region’s hospitals, communities and mental health services.”

The attacks have also disrupted blood transfusions, with Britain’s National Health Service this week appealing to the public for donations of O-negative blood (which can be used to transfuse any blood type) and O-positive blood (the most common blood type), saying it could not match blood for patients with the same frequency as usual.

While the NHS declined to comment on which group was suspected of carrying out the attack, Ciaran Martin, the UK’s former cybersecurity chief, told the BBC last week that a group called Qilin is likely the culpritSynnovis said in a statement last week that it was working with the UK government’s National Cyber ​​Security Centre to understand what happened.

Thousands of blood test samples may have to be destroyed because of a lack of connectivity to electronic health records, Synnovis said in an email to primary care providers on Monday. In a statement on Wednesday, Synnovis said the IT system downtime was too long to process samples collected last week.

The NHS, which most people in the UK rely on to provide medical services, has significantly increased its investment in cybersecurity since 2017. Ransomware attacks It wreaked havoc on its computer systems and forced the cancellation of nearly 20,000 hospital appointments and surgeries.

Since the cyberattack, some NHS medical staff at affected hospitals have begun using pen and paper to record test results, while access to computerized blood test records has been restricted. Jamie MacColl, a cybersecurity researcher at the Royal United Services Institute, a British think tank, said that manually recording results would lead to higher error rates and reduce blood testing capabilities, resulting in a decrease in emergency operations capabilities.

“The whole system is not broken, but it is under enormous strain,” said McColl. He said the number of successful ransomware attacks against the NHS was far fewer than those against U.S. health care providers, which are more vulnerable to extortion because the NHS will not pay the ransom, he said.

Rebecca Wright, a cybersecurity professor at Barnard College, said hospitals are particularly vulnerable to ransomware attacks because they are difficult to secure and often rely on a patchwork of disparate systems and third-party vendors.

The main purpose of an attack is not always to steal a hospital’s data, she said, but to paralyze or disrupt services, forcing the provider to pay a ransom.

U.S. authorities say paying ransoms helps perpetuate the cycle, which has led to an increasing number of attacks on hospitals. But for health care providers, paying ransoms is a costly endeavor. The ransom could be lower Rather than rebuilding the computer system.

Global ransomware payments exceed Last year it was $1 billionAccording to Chainanalysis, a U.S. blockchain analysis company, the five highest-grossing ransomware variants in 2021 are linked to Russian cybercriminals, according to the U.S. Treasury Department’s Financial Crimes Enforcement Network, which aims to protect the financial system from illicit use.

In February, a cyberattack hit Change Healthcare, a company that manages a third of U.S. patient records. Major disruption This includes payments for things like routine medication prescription orders and expensive surgeries. Senate Hearings Last month, Andrew Witty, CEO of Change.com’s parent company UnitedHealth Group, admitted that the company paid a $22 million ransom to attackers.

Just a few weeks ago, AscensionIt is one of the largest healthcare systems in the United States, with approximately 140 hospitals. Large-scale cyber attacksDoctors and nurses at Ascension Hospital rarely had access to digital records of patient medical histories, instead using paper records and faxes.

Ascension said Wednesday that an employee accidentally downloaded a malicious file they thought was legitimate, and that attackers subsequently gained access to its systems. The company said it had no evidence that data from its electronic medical records system was stolen and was still working to Restoring access to electronic health records The company plans to have the entire network deployed by Friday.

Source link


Please enter your comment!
Please enter your name here