A Russian group of cyber criminals known as Qilin are thought to be behind a cyber attack that impacted major London hospitals, according to an expert. Pathology services provider Synnovis, a partnership between SynLab UK & Ireland, Guy’s and St Thomas’ NHS Foundation Trust and King’s College Hospital NHS Foundation Trust, was targeted on Monday, June 3.
The ransomware attack has led to hospitals cancelling operations and tests and being unable to carry out blood transfusions. Qilin is understood to be a Russian cyber gang that runs a ransomware-as-a-service model.
They operate using websites on the dark web, according to Ciaran Martin, the former chief executive of the National Cyber Security Centre. He said the group has a two-year history of attacking organisations across the world.
READ MORE: Police hunt for ‘dangerous’ South Norwood man after woman in 30s stabbed
What is ransomware?
Ransomware is a type of malware. In some cases, hackers use it to bring down systems and prevent users from accessing their devices or the data stored on them, usually by encrypting it. They will then demand money to decrypt the files.
However, Mr Martin claims Qilin’s attack on Synnovis is “more serious” as it has led to systems not working.
He added that it is “really one of the more serious that we’ve seen in this country”.
What other attacks is Qilin thought to be behind?
According to Mr Martin, Qilin has previously targeted publishing and social enterprise group the Big Issue Group. Reports by Computer Weekly in March suggest the hackers claimed an attack during which the company’s IT systems were broken into and confidential data was stolen.
This included information on staff, such as addresses, passport scans and payroll information. At the time, Paul Cheal, group chief executive of the Big Issue Group, confirmed some of the data had been posted on the dark web.
In January, reports in Australia suggested Qilin had hacked the systems used by courts in the state of Victoria. Hackers allegedly gained access to recordings of hearings that occurred between November and December.
Qilin also claimed an attack on Yanfeng Automotive Interiors, a major supplier of car parts headquartered in China, last year. The files stolen included financial documents, non-disclosure agreements, quotation files and technical data sheets, according to cybersecurity news site Bleeping Computer.
The attack had a knock-on effect on car maker Stellantis, which gets seating and interior components, including electronics, from Yanfeng. It is understood production was halted at the car maker’s North American plants for the period of time as a result.
How has Synnovis and the NHS responded to the attack?
Some operations and procedures across the hospitals were cancelled or redirected to other providers. NHS officials said they are working with the National Cyber Security Centre to understand the impact of the attack, while Synnovis said it has been reported to law enforcement and the Information Commissioner.
If a ransom is demanded, will the hackers be paid?
The Government has a policy of not paying hackers, Mr Martin said, although the company impacted would be free to pay the ransom if it chose to.
Got a story? Please get in touch at [email protected]
Our London Court & Crime newsletter brings you the latest major court updates and breaking news straight to your inbox. You can sign up HERE.
This post was originally published on the 3rd party site mentioned in the title of this this site