Ransomware attack could impact London hospitals for months to come

Exterior view of St Thomas' Hospital with ambulance
At some hospitals, like St Thomas’, even urgently needed procedures had to be postponed. (Source: IMAGO / ZUMA Press Wire)

It could be months before several major hospitals in the British capital can return to normal operations, the Guardian reports. The cause is an IT security breech at an outside contractor used by the hospitals. The National Health Service (NHS) has issued a call for blood donors.

Last week, the contractor, Synnovis, confirmed that it had been the victim of a ransomware attack. The company analyzes blood samples for hospitals.

As the Guardian reported on Tuesday, there is no telling at this point how long the problem will persist. “It is unclear how long it will take for the services to get back to normal, but it is likely to take many months,” an NHS official told the newspaper. “Key to a return to normal will be clarity about how the hackers gained access to the system, how many records have been affected and whether these records are retrievable.”

In a ransomware attack, criminals encrypt normally accessible data in a computer system and demand a ransom to restore access. Often the hackers will steal information and threaten to publish it. Paying the ransom doesn’t guarantee that the blackmailers will actually restore access to encrypted data or refrain from publishing stolen information.

Hospitals outside of London also affected

Among the facilities affected by the attack are King’s College Hospital, which provides care to roughly one million patients in London. Royal Brompton and Harefield Hospitals, the largest heart and lung clinic in the UK, have likewise been unable to operate normally. According to the Guardian, numerous private practices have also been impacted.

The Independent newspaper reported on Tuesday that hospitals in other parts of the UK such as Portsmouth in the south of England were also forced to dial back services. The effects of the attack were not so severe as in the capital, however.

Emergency operations postponed

Last week it came to light that London hospitals had had to postpone some operations. Over the weekend there were also reports that more than 200 operations had to be cancelled – including “emergency and life-saving operations” that “should be done within 24 hours.” According to media reports, cancer patients were among those affected.

The Independent reports that more than one third of all planned operations were cancelled. The list of cancelled procedures included organ transplants.

Stephen Powis, the medical director for NHS England, said that operations would be moved to nearby clinics.

Call for blood donors

Because of the ransomware attack, blood samples can’t be tested as quickly as usual, as the NHS reports in a statement released on Monday. According to the Independent, Synnovis, the company affected by the cyberattack, normally tests tens of thousands of samples per day.

Hospitals must now stock up on type O blood. The NHS has issued an urgent call for donations of O positive and O negative blood. People whose blood type is O negative are known as universal donors. Their blood can be given to any patient and is thus used in emergencies when there is no time to conduct a test to determine blood type. O positive is the most common blood type and is also highly sought after.

Not an isolated incident

Several ransomware attacks in the healthcare sector have come to light in recent years. In 2017 numerous companies and institutions around the world were infected with the malware known as WannaCry – British hospitals were among those affected. According to the National Health Service, at least 7,000 appointments, including operations, had to be canceled. But by the NHS’s own estimate, the figure could have been as high as 19,000.

In fall 2020 Düsseldorf University Hospital in Germany had to postpone operations and close its emergency department after data on the hospital’s servers was encrypted by ransomware.

The incident drew a great deal of attention after one patient who had to be transferred to another hospital died shortly after the transfer. The state prosecutor opened an investigation on suspicion of negligent homicide, but later dropped the inquiry after an autopsy revealed that the woman likely would have died even had she received faster treatment.

Late last year a company that operates 30 hospitals in six US states had to divert patients from its own emergency rooms to those of other hospitals. The health care chain’s systems were taken offline after ransomware was discovered.

A similar incident earlier this year impacted US pharmacies. And in February hospitals and other medical facilities in Romania were affected by a ransomware attack. (dpa / js)