According to experts, a Russian cybercriminal gang is behind the ransomware attack on London hospitals

Hear more in today’s episode of Tech & Science Daily.

A group of Russian cybercriminals is behind the attack on the pathology departments of several major London hospitals, a cybersecurity expert said.

Ciaran Martin, former chief executive of the National Cyber ​​Security Centre, said a group of criminals called Qilin was believed to be behind the attack that disrupted Britain’s NHS scheduled services on Tuesday.

Memos sent to NHS staff at King’s College Hospital, Guy’s and St Thomas’ (including the Royal Brompton and Evelina London Children’s Hospital) and primary care services in the capital said pathology partner Synnovis had been affected by a “serious IT incident”.

Some procedures and operations have been cancelled or transferred to other NHS providers as hospital management continues to assess what work can be carried out safely.

Speaking on BBC Radio 4’s Today programme, Mr Martin said: ‘These criminal groups – there are quite a few of them – operate freely from Russia, give themselves prominent names, have websites on the so-called dark web and this particular group has been carrying out attacks on various organisations around the world for about two years.

“They’ve attacked car companies, they’ve attacked the Big Issue here in the UK, they’ve attacked Australian courts. They’re just after money.”

He said it was “unlikely” that the Russian hackers knew when they launched their attack that they would cause such a severe disruption to basic healthcare.

He added: “There are two types of ransomware attacks. One is where they steal a lot of data and try to blackmail you into paying to keep it from being released, but this case is different. It’s the more serious type of ransomware where the system just doesn’t work.

“So if you work in this healthcare trust, you’re just not getting those outcomes. So that’s actually seriously disruptive.

“This type of ransomware has affected healthcare systems around the world.

“It’s particularly damaging in the United States, and this type of cyberattack is different in its impact from other attacks in that it affects people’s healthcare. So it’s really one of the more serious ones we’ve seen in this country.”

In 2021, it was announced that SynLab would partner with the NHS to provide pathology services in hospitals and GP surgeries across South East London.

The Pathology Service serves not only King’s, Guys’ and St Thomas’, but also the South London and Maudsley and Oxleas NHS Foundation Trusts, as well as a number of GP practices, clinics and other community services in the boroughs of Bromley, Lambeth and Southwark.

A spokesman for NHS England for the London region said Monday’s attack had a “significant impact” on service delivery at Guy’s and St Thomas’ Hospital, King’s College Hospital NHS Foundation Trust and primary care in south-east London.

“With the support of the government’s National Cyber ​​Security Centre and our cyber operations team, we are working diligently to fully understand the impact of the incident.”