View all newsletters
Receive our newsletter - data, insights and analysis delivered to you

Two London trusts impacted by debilitating NHS cyberattack

Both King’s College Hospital and Guy’s and St Thomas’ NHS trusts have claimed to be victims of an “IT incident” in what would be the second major NHS cyberattack of this year.

By Greg Noone

Two hospital trusts in London have been hit by a “major IT incident” in what appears to be the second most serious NHS cyberattack of this year. King’s College Hospital NHS Foundation Trust and Guy’s and St Thomas’ NHS Foundation Trust have seen several primary services impacted. As such, this has led to the curtailing of vital procedures, including blood transfusions, and the cancellation or reassignment of several operations.

“The staff on the ward didn’t seem to know what had happened, just that many patients were being told to go home and wait for a new date,” one patient told PA Media. “I’ve been given a date for next Tuesday and am crossing my fingers.”

The exterior of King's College Hospital in London, used to illustrate an article about an NHS cyberattack.
King’s College Hospital is one of two NHS trusts in London claiming to have been impacted by a “major IT incident,” in what appears to be the second-largest NHS cyberattack of this year. (Photo by Shutterstock)

NHS cyberattack could have ransomware links

The incident is believed to have begun on Monday when staff at the affected trusts complained of being unable to access relevant servers. The cyberattack itself appears to have targeted Synnovis, a pathology service provider formed out of a collaboration between King’s College and Guy’s and St. Thomas’ NHS trusts. Sources speaking to the Health Service Journal stated that the impacted systems were victims of a ransomware attack. Meanwhile, staff told Sky News that doctors overseeing emergency blood transfusions were being forced to record their notes exclusively on pen and paper. 

If ransomware is involved, it would be the second major NHS cyberattack of this year. In March, hackers from the INC Ransom collective threatened to release patient data it had stolen from NHS Dumfries and Galloway. The trust later confirmed that the data being offered for sale by the group was genuine. “NHS Dumfries and Galloway is very acutely aware of the potential impact of this development on the patents whose data has been published, and the general anxiety which might result within our patient population,” said its health board chief executive, Jeff Ace. 

Hospitals tempting targets for ransomware criminals

Healthcare institutions remain juicy targets for ransomware gangs, said Martin Lee, Cisco’s technical lead of security research, with hackers believing the consequences of their actions likely to accelerate quick returns for their efforts. “Outages apply pressure on management to pay off the attackers to restore availability quickly,” argued Lee. “However, paying the ransom means that these attacks remain profitable and ultimately only serve to encourage further attacks.”

Warding off future attacks requires a strategy of reliance on the part of healthcare providers, added Lee. That, he elaborated, requires “blocking as many attacks as possible, quickly identifying when attackers have gained access to systems – and responding swiftly to eject attackers and restore functions if attacks do succeed.”

Read more: Massive spike in cyberattacks using valid user credentials

Content from our partners
Scan and deliver
GenAI cybersecurity: "A super-human analyst, with a brain the size of a planet."
Cloud, AI, and cyber security – highlights from DTX Manchester

Websites in our network
Select and enter your corporate email address Tech Monitor's research, insight and analysis examines the frontiers of digital transformation to help tech leaders navigate the future. Our Changelog newsletter delivers our best work to your inbox every week.
  • CIO
  • CTO
  • CISO
  • CSO
  • CFO
  • CDO
  • CEO
  • Architect Founder
  • MD
  • Director
  • Manager
  • Other
Visit our privacy policy for more information about our services, how Progressive Media Investments may use, process and share your personal data, including information on your rights in respect of your personal data and how you can unsubscribe from future marketing communications. Our services are intended for corporate subscribers and you warrant that the email address submitted is your corporate email address.