NHS Hit By ‘Dozens’ Of Ransomware Attacks

Matthew Broersma,
NHS

At least 28 NHS trusts in England have been affected by ransomware in the past year, researchers find

NHS Digital has acknowledged ransomware attacks on its network, following a report over the weekend that found at least 28 NHS trusts in England were affected by the data-encrypting malware over the past year.

The executive Department of Health body, which oversees some aspects of the NHS’ national IT systems and collects data on trusts, did not disclose how many attacks had been reported to it, saying only the figure was “fewer than five”.

Dozens affected

ransomware

However, trusts are only obliged to report the most serious incidents to NHS Digital, and a study carried out by Manchester-based IT security firm NCC Group found at least 28 trusts in England had been hit by ransomware, according to a report by newspaper The I.

Twenty of those trusts paid no ransom, with another eight, including two unnamed London hospitals, declining to say whether they paid, according to data drawn from Freedom of Information Act requests.

The number of incidents may have been much higher as the majority of trusts either declined to provide information or did not respond. NCC said the responses suggest up to half of trusts may have been hit by ransomware during the period.

“The health service is by no means alone in facing this kind of attack,” said Ollie Whitehouse, technical director of NCC Group, in a statement. “But NHS trusts are being increasingly targeted and any loss of patient data would be a nightmare scenario.”

‘Rare’

NHS Digital said incidents reported to it were “rare” and that no ransoms had been paid.

“In the last year there have been fewer than five reports of ransomware attacks on individual machines on a network used by around two million people,” the body said. “In all reported cases, effective and swift action was taken and no ransoms have been paid.”

The group acknowledged that, as with other types of organisations, attempted ransomware attacks are “rising” but it said it is taking action to ensure data safety.

Ransomware, usually spread via disguised email attachments, encodes data found on affected systems and networks and charges a fee ranging from hundreds to thousands of pounds to restore the information.

Europol earlier this month highlighted ransomware as the “dominant threat” to public and private organisations across Europe.

A McAfee study last month found a total of $100,000 (£80,000) had been paid by ransomware-affected hospitals alone in the first three months of this year, as a result of 20 separate attacks in the US, the UK, Australia, Germany, Canada and South Korea.

Security researchers estimate ransomware brings in hundreds of millions of pounds a year.

Are you a security pro? Try our quiz!