Security News NHS Trust Suspends Operations After Major Cyber Incident

frogboy

In memoriam 1961-2018
Thread author
Verified
Top Poster
Well-known
Jun 9, 2013
6,720
An NHS Foundation Trust has taken the unprecedented step of suspending all operations after revealing it suffered a major cyber-attack over the weekend.

Northern Lincolnshire and Goole Trust runs hospitals in Scunthorpe, Grimsby and Goole.

It claimed in a statement on its homepage that although antenatal clinics and chemotherapy will still go ahead, most other appointments on Monday and Tuesday were cancelled.

It explained:

“A virus infected our electronic systems on Sunday October 30 and we have taken the decision, following expert advice, to shut down the majority of our systems so we can isolate and destroy it.

Our main priority is patient safety. A major incident has been called and all planned operations, outpatient appointments and diagnostic procedures have been cancelled for today (Monday) and tomorrow (Tuesday). All patients should presume their appointment/procedure has been cancelled unless they are contacted. Those who turn up will be turned away.”

The incident is so serious that the Trust is transferring “major trauma cases” and “high risk women in labour” to other hospitals nearby.

Although it’s unclear exactly what kind of malware has caused such widespread disruption across the Trust’s network, ransomware would seem to be the best bet.

It has already targeted hospitals in Germany, the UK and the US – with cyber-criminals keen to exploit the fact that such organizations may not have adequate cybersecurity in place and be more prepared to pay up in order to restore mission critical systems.

In one of the first cases of its kind to hit the headlines earlier this year, for example, the Hollywood Presbyterian Medical Center revealed that it paid a $17,000 ransom to regain access to its data.

Nearly half (47%) of the 60 Trusts that replied to an NCC Group FoI request back in August claimed to have suffered a ransomware attack over the past year.

Ed Macnair, CEO of CensorNet, argued the problem for IT teams today is the sheer number of attack vectors they have to guard against.

“While there’s every chance this particular attack targeted the trust maliciously, it’s just as possible that the virus came from someone clicking the wrong link or visiting the wrong website,” he added.

Full Article. NHS Trust Suspends Operations After Major Cyber Incident
 

soccer97

Level 11
Verified
May 22, 2014
517
The hospital/Trust system did the best they could. The only way to prevent it from spreading was to shut down every machine except maybe a mission critical backup that is always kept running on a separate server or something - or if they had backup laptops with the previous weeks backup files. That's hard for a healthcare system.

I hope they catch and prosecute the criminal. Ransomware in general is bad enough. For someone to have the nerve and disrespect/disregard for people's livelihood and health is an entirely different scenario. No telling all of the consequences that could have, or may have ensued.

Having to reroute people from the nearest Level 1 trauma center is serious- and they are generally pretty far away as they are expensive hospitals to maintain.


I thought about working in Healthcare InfoSec. My concern is the amount of legacy applications and the endpoints. As is always said what is the weakest link? The end user.........

I am glad they were able to still help the terminally ill patients.
 

Tony Cole

Level 27
Verified
May 11, 2014
1,639
It's sick, I cannot describe the words that come to mind, you target a hospital. Trauma 1A calls require immediate assistance, not too sure what level the hospital is, but those calls are pelvic fractures, someone bleeding out and cannot afford to be rerouted to another hospital.
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top