Inside hospitals held for ransom by Russian hackers

A cyber attack on NHS hospitals could take months to resolve, with HIV tests and cervical cancer screening being scrapped and staff working on paper, The Independent it was said by insiders.

On Monday, major London hospitals were hit by a ransomware attack by Russian hackers, which took out the IT systems responsible for reporting patient tests.

Commercial supplier Synnovis provides systems used by laboratories, King’s College and Guy’s and St Thomas NHS trusts and GP services in six London boroughs – Bromley, Southwark, Lambeth, Bexley, Greenwich and Lewisham.

The NHS did not give full details of the activation of emergency plans, but senior hospital sources described the situation as a “disaster”, with staff having to record patients’ test results on paper and manually call emergency results.

Trusts have been forced to cancel or divert non-urgent operations and procedures and GPs were told on Monday to cancel all non-urgent blood tests.

Several senior NHS sources have now warned that it could take months to fully recover from the attack.

A trust director said: “We are telling staff it will take weeks and possibly months.

“They are all working on alternative solutions at the moment, but patient safety issues. We need to look at priority areas for processing tests for certain conditions and patients. Everything is on paper, which means more risk, of course.”

Another senior clinician said it could take months to recover but weeks to resolve “priority” services. They said the capacity for routine HIV testing and routine HIV testing in emergency departments was lost.

GP services in Bromley sent a message to patients on Wednesday, saying: “The attack is affecting all pathology services, including phlebotomy and cervical screening.

“Synnovis has asked patients to delay non-urgent blood work until further notice and has asked phlebotomy providers to cancel non-urgent appointments. This means that the BGPA will cancel all non-urgent phlebotomy appointments until further notice as there is no capacity to process and return samples at this time.”

On Wednesday, a spokesman for NHS England London said: “Unfortunately, some operations and procedures that rely more on pathology services have been postponed and blood tests are prioritized for the most urgent cases, meaning that patients had their phlebotomy appointments cancelled.”

Former head of the National Cyber ​​Security Center Ciaran Martin told BBC Radio 4 on Wednesday morning Today The attack program came from a Russian cybercrime group called Qilin.

The attack was described as a “ransomware” incident, meaning criminals demand money to unlock the system.

Professor John Clark, professor of computer and IT security at the University of Sheffield, said: “However, the exact nature by which the Synnovis system was initially breached is unclear. It’s critical to understand this because otherwise, once the system has been “cleaned,” attackers could simply re-enter—although such efforts would be subject to very heavy monitoring.

“Patient safety is a primary concern and accuracy of results is critical, so it is important to stress that unless it is known what has happened to the system, the accuracy of any data stored cannot be assured. Determining whether stored data has been tampered with may simply not be possible, and tests may need to be rerun and results rerecorded.”