Categories: CyberCrimeSecurity

NHS Software Supplier Confirms Ransomware Attack

A NHS software supplier targeted by ransomware has said it could take three to four weeks to fully remediate the disruption caused by the attack.

Birmingham-based Advanced, which supplies software used by the NHS’ 111 service and other operations, identified the attack on 4 August and last week confirmed that it had been hit by ransomware.

Advanced would not say whether NHS data had been stolen or whether it was negotiating with hackers or paying a ransom.

“We are rebuilding and restoring impacted systems in a separate and secure environment,” the company said in a statement.

Ransomware

The NHS says disruption is minimal.

“While Advanced has confirmed that the incident impacting their software is ransomware, the NHS has tried and tested contingency plans in place including robust defences to protect our own networks, as we work with the National Cyber Security Centre to fully understand the impact,” said a spokesperson for NHS England.

“The public should continue to use NHS services as normal, including NHS 111 for those who are unwell, although some people will face longer waits than usual.

“As ever, if it is an emergency, please call 999.”

Disruption

Services affected include patient referrals, ambulance dispatch, out-of-hours appointment bookings, mental health services and emergency prescriptions.

The Advanced systems disrupted by the ransomware include Adastra, which helps 111 call handlers dispatch ambulances and helps doctors access a patient’s GP records; Carenotes, used by mental health trusts for patienet records; Crosscare, which helps run hospices; and Staffplan, used by care organisations.

Some hackers declared a moratorium on attacking healthcare systems during the earlier stages of the Covid-19 pandemic, but risk consultancy Kroll said such attacks rose 90 percent in the three months to 30 June compared to the previous quarter.

The group said healthcare was the sector most targeted by hacking groups and that attacks often involved a double extortion in which hackers disabled the organisations’ systems by encrypting them, and also threatened to release stolen data.

Zero trust

Rick Jones, chief executive of computer security firm Digital Xraid, said the attack was an example of how hackers have recently begun “leveraging back-door entry points through smaller, less resourced points of the supply chain” as a way to gain access to larger systems, “in this case, one of the largest public sector bodies in the UK”.

He said regular cyber-security training and a “zero trust” architecture can help mitigate threats.

Matthew Broersma

Matt Broersma is a long standing tech freelance, who has worked for Ziff-Davis, ZDnet and other leading publications

Recent Posts

Ericsson To Cut 1,200 Jobs in Sweden Amid ‘Challenging’ Market

Swedish telecoms giant Ericsson blamed “challenging mobile networks market” and “further volume contraction” for job…

5 hours ago

FTX’s Sam Bankman-Fried Sentenced To 25 Years In Prison For $8bn Fraud

Dramatic downfall. Sam Bankman-Fried sentenced to 25 years in prison for masterminding $8bn fraud that…

6 hours ago

Elon Musk Orders FSD Demo For Every Tesla US Sale

Fallout avoidance? Tesla buyers in the US must be shown how to use the FSD…

7 hours ago

Amazon Pumps Another $2.75 Billion Into Anthropic

Amazon completes its $4bn investment into AI firm Anthropic, after providing an additional $2.75bn in…

9 hours ago

The Sustainability of AI

While AI promises unparalleled efficiency, productivity, and innovation, questions regarding its environmental impact loom large.…

12 hours ago

Trump’s Truth Social Makes Successful Market Debut

Shares in Donald Trump’s social media company rose about 16 percent after first day of…

12 hours ago