US and UK major hospitals attacked by cyber criminals


By Our Special Correspondents

America’s White House has confirmed that both Microsoft and Google will offer free or discounted cyber-security services to rural hospitals across the United States to make them less vulnerable to cyber-attacks that have disrupted patient care and threatened lives. Microsoft said in a statement to journalists that it would provide free security updates for eligible rural hospitals, as well as security assessments and training for hospital staff. Google will provide free cyber-security advice to rural hospitals and start a pilot programme to match the firm’s cyber-security services with the needs of rural hospitals.

The nation’s roughly 1,800 rural community hospitals are among the most vulnerable to dangerous ransomware attacks because they often lack IT security resources and cyber-security-trained staff. And they may be the only hospitals within dozens of miles, meaning a ransomware attack that prevents a hospital from accepting ambulances can put patients’ lives at risk.

The new announcement is the result of private discussions between the tech firms and officials at the White House National Security Council who have had growing concerns about cyber threats to hospitals. It’s an effort to use the broad reach of Microsoft and Google’s software, which is used in hospitals across the United States, to help plug a gap in the defence of the health care sector.

“We’re in new territory as we see … this wave of attacks against hospitals,” Anne Neuberger, the top cyber official at the White House National Security Council, told reporters penultimate Sunday.

The Biden administration is also preparing to issue minimum cyber-security requirements for United States’ hospitals. The details of that proposal have yet to be finalized. But the American Hospital Association, which represents hospitals across the United States, opposes the proposal, saying it would impose penalties on victims of cyber-attacks after they are hacked.

The number of ransomware attacks against the US healthcare sector increased by 128% in 2023 compared with 2022, according to data released by the Office of the Director of National Intelligence. And recent ransomware attacks have brought the sector’s vulnerability into sharp relief.

A February ransomware attack on a major health insurance billing firm cut off health providers from billions of dollars and put some health clinics on the brink of bankruptcy. UnitedHealth Group, whose subsidiary was hacked, paid a $22 million ransom to the hackers to try to recover patients’ data. One third of Americans may have had their data stolen. Another ransomware attack, in May, on one of America’s largest hospital chains, put patients’ lives in danger as nurses were forced to manually enter prescription information, multiple nurses at affected hospitals.

The FBI and its international allies have conducted a series of crackdowns on ransomware gangs, seizing the computers they use and unlocking some of the victim computers that hackers have encrypted. But ransomware remains a flourishing business, in part, US officials say, because many of its perpetrators operate with impunity from Russia.

The health care sector is a particularly enticing target because hospitals under duress to restore patient services are sometimes willing to pay the ransom.

“We do see a much more permissive environment in Russia by both ‘hacktivists’ and criminals, and it’s of concern,” Neuberger, the White House official, told reporters. “We also see more and more companies paying ransoms. And every ransom payment feeds the beast and drives further attacks.”

Cyber-attacks have frequently shut down other vulnerable services. The City of Cleveland is investigating a cyber incident, according to a statement from mayor Justin Bibb. As a precaution, the city said it closed City Hall Monday, and it will keep City Hall closed Tuesday. Cleveland also shut down all of its internal systems and software. But city and emergency services like the Department of Public Safety, 911, police, the fire department, ambulances and the Department of Public Utilities, will remain operational, Bibb’s office said. However, the mayor said the emergency services are functioning with limited IT capabilities.

“Over the weekend, the city identified some abnormalities,” Commissioner Kimberly Roy-Wilson, with the city’s Division of Information Technology Services, said. “We have moved into our protocols and procedures with regards to containment and we are now investigating the nature and scope of those abnormalities.” Bibb would not say how many or which agencies are helping with the investigation.

In a related development, an urgent call has gone out to medical students to help London hospitals recover from a major cyber-attack. A critical incident was declared on Tuesday after the ransomware attack targeted the services provided by pathology firm Synnovis. Such services as blood transfusions and test results were severely disrupted.

In a leaked message to trainee medics at Guy’s and St Thomas’ Trust, students were asked to volunteer for 10 or 12-hour shifts. A spokesperson for NHS London said staff were “working around the clock” to minimise “the significant disruption to patient care”.

The cyber-attack, believed to have been carried out by a Russian group calling themselves Qilin, affected services provided by King’s College Hospital NHS Foundation Trust as well as Guy’s and St Thomas’ NHS Foundation Trust. Surgery and transplant operations at Royal Brompton and Harefield hospitals are believed to have been impacted, as are the Evelina London Children’s Hospital and primary care services. It is understood that staff on wards are now using paper-based methods and signing blood transfusion bags.

In the message to trainees, which has been seen by the media in the UK, medical students were told they would act as “floorwalkers” and hand deliver blood tests. It said: “In this critical situation, we urgently need volunteers to step forward and support our pathology services. The ripple effect of this extremely serious incident is felt across various hospital, community and mental health services in our region.” Students were told that their assistance was “crucial” and that it was an opportunity to “demonstrate your commitment to patient care”.

In a separate leaked email to staff, the chief executive at Guy’s and St Thomas’ Trust, Prof Ian Abbs, said difficult conversations were being had with patients who have had appointments cancelled. He confirmed the disruption would last for a number of weeks and that a response was being coordinated by the regional NHS England team.

At Guy’s and St Thomas’, trust staff raised concerns that clinical decisions were being made without the support of pathology. In another letter they were told staff had the full support of management “to make decisions based on your best professional judgment”. A spokesperson for NHS London said they were sorry to all those impacted by the cyber-attack. “Pathology services are integral to a wide range of treatments and we know that a number of operations and appointments have been cancelled due to this attack,” they said.

“We are still working with hospitals and local GP services to fully assess the disruption, and ensure the data is accurate. In the meantime our advice to patients remains, if you have not been contacted please do continue to attend your appointments.”
