A ransomware attack against a major IT provider for the NHS could take weeks or more to fix, according to software company, Advanced. The case serves as a cautionary tale about how disruptive cyber-crime can be for a business, even when targets are third-party vendors.
The cyber-attack occurred on 4th August, causing widespread outages across the NHS. The target of the attack was IT company Advanced, a software provider that serves multiple NHS departments. Services affected by the cyber-attack included patient referrals, ambulance dispatch, out-of-hours appointment bookings and mental health services.
Ransomware Attacks Explained
Ransomware is a form of malware designed to deny a user or organisation access to files on their network. Following an attack, cyber-criminals demand money in exchange for the release of stolen data or system recovery.
In this particular instance, seven of the NHS’ software systems were taken offline, including software that helps 111 call handlers dispatch ambulances and allows doctors to access patients’ GP records. It’s unknown if the NHS has presently engaged with the cyber-criminals’ demands.
Who is Behind the Attack?
Currently, no ransomware group has been named as the attacker. However, Russia is said to be linked to a majority of similar cyber-attacks worldwide. In fact, 74% of all money made through ransomware attacks in 2021.
went to Russia-linked hackers, according to research by cryptocurrency tracking and analytics firm Chainalysis.
The Impact on the NHS
The hacked software has caused significant disruptions to NHS services. For example, one affected software system, Adastra, enables clinicians to record medical information online and send this to a patient’s GP. While Adastra has been offline, staff have been writing medical notes on paper. Doctors predict it could take months to input the growing backlog of patient records once Adastra is restored.
Advanced reported the London and South Central Ambulance Services have since been reconnected to their system; other users will be brought back online on a rolling basis. However, it could take up to 12 weeks to get all services fully functional.
Conclusion
The cyber-attack on Advanced has significantly impacted the NHS and its patients. Such an attack demonstrates how devastating ransomware attacks can be and how long they can take to recover from, even when targets are third-party vendors. Therefore, it’s vital for organisations of all types and sizes to implement a comprehensive cyber-risk plan to mitigate any fallout from potential cyber-attacks. For more information on cyber-resilience, contact us today.
Legal Specific Disclaimer:
The following information is not exhaustive, nor does it apply to specific circumstances. The content therefore should not be regarded as constituting legal or regulatory advice and not be relied upon as such. Readers should contact a legal or regulatory professional for appropriate advice. Further, the law may have changed since the first publication of this information.
The content of this Cover Overview is of general interest and is not intended to apply to specific circumstances. It does not purport to be a comprehensive analysis of all matters relevant to its subject matter. The content should not, therefore, be regarded as constituting legal advice and not be relied upon as such. In relation to any particular problem which they may have, readers are advised to seek specific advice. Further, the law may have changed since first publication and the reader is cautioned accordingly. © 2022 Zywave, Inc. All rights reserved.