-(002).png?lu=380)
05 June 2024
A crippling cyber-attack has severely impacted major hospitals in London, leading to the cancellation of operations and the diversion of emergency patients.
King’s College Hospital, Guy’s and St Thomas’, and Evelina London Children’s Hospital are among the affected institutions.
This attack has caused major disruptions to critical services, particularly blood transfusions and test results, significantly impairing service delivery. Some medical procedures have been cancelled or redirected to other NHS providers to ensure patient safety while the hospitals work to resolve the issue.
A spokesman for King’s College Hospital confirmed the cyber-attack, believed to have occurred on Monday, which disrupted connections to a main server. Senior sources suggest it was a ransomware attack, with some indicating that accessing pathology results could take "weeks, not days."
There are increasing concerns that urgent and emergency care will be compromised due to the inability to quickly access essential blood test results.
“There is a large importance for robust cybersecurity measures, especially in the healthcare sector. To enhance readiness, it is essential that security teams adopt robust network visibility to promptly identify and resolve vulnerabilities across systems, minimising the impact of cyber threats to vital infrastructure,” said Oseloka Obiora, CTO at RiverSafe.
"In a case such as this, where ransomware has not only compromised the operational capabilities of major hospitals but has also endangered patient care, we're reminded of how critical robust cybersecurity measures in the healthcare sector are. The reliance on third-party partners like Synnovis for essential services such as pathology highlights a vulnerability chain that can have cascading effects when one link is compromised,” said Javvad Malik, lead security awareness advocate at KnowBe4. "Cybersecurity is not just about protecting information; it's about safeguarding individuals themselves. As attacks become more sophisticated, the response must also evolve from merely defending perimeters to ensuring business continuity and resilience. The fact that emergency and critical care had to be reconfigured to a pen-and-paper system underlines the immediate and tangible impact of cyber threats on patient care. The stakes are incredibly high, with human lives in the balance, making it imperative that cybersecurity is treated as an integral part of healthcare delivery, with it becoming a fabric of organisations culture, not just a supplementary concern."
