In a nutshell: Ransomware attacks not only cause significant damage to digital-focused companies, but they can also disrupt essential real-life services. Healthcare, once a troublesome target for established cyber-crime groups, is again being targeted in the latest file-encrypting operations.
An unknown ransomware gang has brought pathology lab company Synnovis down, forcing major London hospitals to cancel or delay their healthcare services as a consequence. According to the UK's National Health Service (NHS), the attack is having a "significant impact" on services delivered by Guy's, St Thomas', and King's College Hospital NHS Foundation Trusts, as well as care services in southern London.
Emergency care is still available, NHS representatives confirmed; therefore, London patients "should" be able to access healthcare lines by dialing 999 (for emergencies) or 111. Scheduled appointments are confirmed as well, unless patients are told otherwise. The NHS is still trying to understand the full impact of the ransomware attack, which means that this critical incident will likely not be resolved for a few hours or even days.
According to messages leaked on Tuesday, Synnovis experienced a "major IT incident" which brought the company's services offline. Affected hospitals cannot access Synnovis' servers right now, making blood transfusions and related hospital services very difficult or impossible to administer. The NHS was forced to cancel surgeries at specialist centers, and focus only on the most urgent cases.
Leaked documents revealed that WinPath, a digital platform for blood transfusion management, is currently down across all sites served by Synnovis. Other systems such as BloodTrack and EPIC are still working, although all of the company's IT systems seemingly have been compromised by this devastating ransomware attack.
Synnovis CEO Mark Dollar said that the organization is still trying to understand what actually happened. There's now a task force of experts, both from Synnovis and the NHS, working to assess this major incident and the effects it had on London's healthcare. Dollar wants to "minimize" the impact on patients, but things are looking dire for people in need of organ transplants or other urgent operations.
Synnovis takes cybersecurity "very seriously," Dollar said, but this incident is a harsh reminder about the disruption a sudden, unexpected, and very effective attack can bring. In April, one of Synnovis' partner companies (Synlab) suffered a major security breach by the Black Basta ransomware group. Synlab Italia was able to restore its healthcare services in a month, although there are no clear indications that Black Basta was involved in the latest attack against London hospitals.