Categories: Security

NHS Hit By ‘Dozens’ Of Ransomware Attacks

NHS Digital has acknowledged ransomware attacks on its network, following a report over the weekend that found at least 28 NHS trusts in England were affected by the data-encrypting malware over the past year.

The executive Department of Health body, which oversees some aspects of the NHS’ national IT systems and collects data on trusts, did not disclose how many attacks had been reported to it, saying only the figure was “fewer than five”.

Dozens affected

However, trusts are only obliged to report the most serious incidents to NHS Digital, and a study carried out by Manchester-based IT security firm NCC Group found at least 28 trusts in England had been hit by ransomware, according to a report by newspaper The I.

Twenty of those trusts paid no ransom, with another eight, including two unnamed London hospitals, declining to say whether they paid, according to data drawn from Freedom of Information Act requests.

The number of incidents may have been much higher as the majority of trusts either declined to provide information or did not respond. NCC said the responses suggest up to half of trusts may have been hit by ransomware during the period.

“The health service is by no means alone in facing this kind of attack,” said Ollie Whitehouse, technical director of NCC Group, in a statement. “But NHS trusts are being increasingly targeted and any loss of patient data would be a nightmare scenario.”

‘Rare’

NHS Digital said incidents reported to it were “rare” and that no ransoms had been paid.

“In the last year there have been fewer than five reports of ransomware attacks on individual machines on a network used by around two million people,” the body said. “In all reported cases, effective and swift action was taken and no ransoms have been paid.”

The group acknowledged that, as with other types of organisations, attempted ransomware attacks are “rising” but it said it is taking action to ensure data safety.

Ransomware, usually spread via disguised email attachments, encodes data found on affected systems and networks and charges a fee ranging from hundreds to thousands of pounds to restore the information.

Europol earlier this month highlighted ransomware as the “dominant threat” to public and private organisations across Europe.

A McAfee study last month found a total of $100,000 (£80,000) had been paid by ransomware-affected hospitals alone in the first three months of this year, as a result of 20 separate attacks in the US, the UK, Australia, Germany, Canada and South Korea.

Security researchers estimate ransomware brings in hundreds of millions of pounds a year.

Are you a security pro? Try our quiz!

Matthew Broersma

Matt Broersma is a long standing tech freelance, who has worked for Ziff-Davis, ZDnet and other leading publications

Recent Posts

Ericsson To Cut 1,200 Jobs in Sweden Amid ‘Challenging’ Market

Swedish telecoms giant Ericsson blamed “challenging mobile networks market” and “further volume contraction” for job…

36 mins ago

FTX’s Sam Bankman-Fried Sentenced To 25 Years In Prison For $8bn Fraud

Dramatic downfall. Sam Bankman-Fried sentenced to 25 years in prison for masterminding $8bn fraud that…

1 hour ago

Elon Musk Orders FSD Demo For Every Tesla US Sale

Fallout avoidance? Tesla buyers in the US must be shown how to use the FSD…

2 hours ago

Amazon Pumps Another $2.75 Billion Into Anthropic

Amazon completes its $4bn investment into AI firm Anthropic, after providing an additional $2.75bn in…

4 hours ago

The Sustainability of AI

While AI promises unparalleled efficiency, productivity, and innovation, questions regarding its environmental impact loom large.…

7 hours ago

Trump’s Truth Social Makes Successful Market Debut

Shares in Donald Trump’s social media company rose about 16 percent after first day of…

7 hours ago