UK Healthcare System Won’t Fully Recover from Ransomware Attack Until Fall

Synnovis, a blood testing partnership, has announced that its blood transfusion services, disrupted by a ransomware attack, may not be fully operational until the fall. The attack affected 60 systems, rendering them unusable without a ransom payment.  

‍

This led to significant disruptions, including the cancellation of hundreds of operations and thousands of appointments. Synnovis has since rebuilt many of the affected systems and aims to stabilize blood transfusion services over the summer.

‍

The disruption contributed to an urgent appeal for blood donors by the NHS due to "unprecedently low" blood stock levels, the BBC reports.

‍

Synnovis is a collaboration between Guy’s and St Thomas’ NHS Foundation Trust, King’s College Hospitals NHS Trust, and Synlab, a commercial testing firm. Recently, more laboratories have been reconnected to electronic systems for receiving test orders and returning results.

‍

Core chemistry and hematology services have been restored at King’s College and Princess Royal University Hospitals, with similar progress expected soon at Guy’s and St Thomas’, Royal Brompton, and Harefield Hospitals.  

‍

This development is expected to increase the number and variety of tests available shortly.

‍

Takeaway: In recent years, ransomware attacks on healthcare providers have escalated, resulting in dire consequences for patient outcomes. Evidence is mounting that these cyberattacks are not just disruptive but are leading to diminished health and increased mortality rates.

‍

It is high time to recognize these attacks on healthcare organizations and other critical infrastructure providers as what they truly are: threats to our national security.

‍

Research spanning from 2016 to 2021 has revealed that ransomware attacks have contributed to between 42 and 67 patient deaths. Additionally, there has been a 33% increase in death rates per month for hospitalized Medicare patients during the same period. These figures starkly illustrate the lethal consequences of these cybercrimes.

‍

While ransomware attacks generate substantial revenue for the attackers, there is growing evidence to suggest that some of these attacks also serve to further the geopolitical interests of adversarial nations, with Russia being a prime suspect.  

‍

Many notorious ransomware gangs and their tools have been linked to the Russian government, suggesting a dual purpose behind these attacks: financial gain and geopolitical strategy.

‍

The plausible deniability afforded by the apparent criminal nature of these ransomware attacks complicates the response. When these attacks are aligned with the geopolitical strategies of adversarial nations, they become a form of state-sponsored attacks.  

‍

Reclassifying these ransomware attacks as a threat to national security opens up a range of new options for response. The close alignment of many attacks with the geopolitical interests of adversarial nations like Russia, coupled with the plausible deniability they provide, necessitates a shift in how we address these threats. We can no longer treat these issues as simple criminal matters.

‍

‍

Halcyon.ai is the leading anti-ransomware company that closes endpoint protection gaps and defeats ransomware through built-in bypass and evasion protection, key material capture, automated decryption, and data exfiltration prevention – talk to a Halcyon expert today to find out more. Halcyon also publishes a quarterly RaaS and extortion group reference guide, Power Rankings: Ransomware Malicious Quartile.