Cyber attack forces London hospital trusts to suspend non-emergency operations

Two hospital trusts have been forced to suspend some critical operations following a cyber attack.

The attack affected the pathology systems at both King's College Hospital Foundation Trust and Guy’s and St Thomas’ Hospitals Foundation Trust in London, according to emails seen by The Independent.

Synnovis, a supplier of blood tests to the two hospital trusts, was the target, with the firm reporting on Monday that it was dealing with a malware attack, according to sources close to the hospitals. 

According to a message distributed to staff on the same day, Synnovis informed the hospital trusts of a “major incident with ICT systems.” 

Reporting from The Guardian said one healthcare worker described communication with the necessary labs as limited to paper only after Synnovis’ servers were taken offline to mitigate risk. 

This created a backlog in the processing of bloodwork, leading to cancellations and reassignments. GPs were told to cancel non-emergency pathology appointments, and staff were told to request emergency blood samples only for patients requiring transfusions.

A critical incident has since been declared, and multiple sources in senior positions within the NHS have confirmed that the National Cyber Security Centre (NCSC) is now involved.

Transplants have been impacted because patients cannot have their blood tests cross-checked, a senior NHS source told The Independent, and healthcare leaders have been told the incident could apparently take “weeks or months” to resolve.

Healthcare providers need to protect their vital role

This attack marks the latest in a slew of incidents affecting healthcare providers and once again highlights the vulnerable state of the healthcare industry, experts told ITPro.

“NHS systems are a prime target for cybercriminals because one tiny breach can impact multiple entities,” said Trevor Dearing, Director of Critical Infrastructure at Illumio. 

“The ‘chaos factor’, the act of causing mass societal upheaval, is now the driving force behind many cyberattacks, and healthcare is one of the few sectors where cyberattacks can fatally impact human life,” he added. 

The attack also demonstrates the “fragility of critical infrastructure” in the UK, Arctic Wolf CPO Dan Schiappa told ITPro, and the hospitals themselves could take a long time to recover.

“As two of the busiest hospitals in the UK, they hold troves of personal and confidential information on patients, meaning this attack could have long-lasting effects,” Schiappa said.

Schiappa noted that the incident showcases the wide-ranging disruption threat actors can inflict by targeting third-party suppliers. He added that other users of Synnovis services will need to assess their own security practices in the coming days. 

Moving forward, these hospitals will need to prioritize patching “external facing vulnerabilities” as well as looking to establish “comprehensive” round-the-clock security operations and privileged access management systems.  

“Healthcare providers over the globe should take the suggested steps to ensure patients can safely access care,” Schiappa said.

George Fitzmaurice
Staff Writer