Still under heavy strain more than a week after a cyber attack crippled services, London hospitals have had to discard thousands of blood samples and postpone hundreds of operations, and have asked medical students to volunteer to help minimise disruption.
A ransomware attack on Synnovis, a private company that analyses blood tests, has crippled services at two major National Health Service hospital trusts, Guy's and St Thomas' Hospital and King's College, with both describing the situation as “critical”.
In a statement on Friday, the NHS said more than 800 elective surgeries, including 97 cancer treatments, and 700 outpatient appointments had to be rescheduled in the first week after the attacks. Five elective caesarean sections have been rescheduled and pathology services are operating at 10% of their usual capacity, the statement said.
“We expect the disruption will continue for some time,” said Dr Chris Streather, medical director for NHS London.
A recently leaked memo revealed that hospitals in London have asked medical students to volunteer for 10-12 hour shifts. “We are urgently seeking volunteers to help our pathology services,” the message, previously reported by the BBC, said. “The ripple effects of this extremely serious incident are being felt across a range of hospital, community and mental health services in the region.”
The attacks also disrupted blood transfusions, and the NHS this week appealed for people to donate blood – O-negative, which can be used for transfusions of any blood type, and O-positive, the most common blood type – as it is unable to match patients' blood as frequently as usual.
The NHS has declined to comment on which group it suspects carried out the attack, but Ciaran Martin, a former UK cybersecurity chief, told the BBC last week that a Russian cybercrime group known as Kirin was likely the culprit. Synnovis said in a statement last week that it was working with the UK government's National Cyber Security Centre to understand what happened.
In an email to primary care providers on Monday, Synnovis said it may have to discard thousands of blood test samples because there is no connection to electronic medical records. In a statement on Wednesday, Synnovis said its IT systems had been down for too long so it was unable to process samples taken last week.
The NHS, on which most Britons rely for healthcare, has significantly stepped up investment in cybersecurity since a ransomware attack in 2017 wreaked havoc on its computer systems, causing around 20,000 hospital appointments and surgeries to be cancelled.
Cyber threats have increased pressure on the NHS
Since the cyberattack, some NHS workers at the affected hospitals have had limited access to computerized blood-test records and have turned to pen and paper to record test results. Recording results by hand can increase the chance of error and reduce blood-test capacity and, as a result, emergency surgery capacity, said Jamie McCaul, a researcher specializing in cybersecurity at the Royal Institute for Security Studies, a British think tank.
“The whole system is not failing, but it is under a lot of strain,” McCaul said. He said the number of successful ransomware attacks on the NHS, which doesn't pay the ransom, is far lower than the number on US healthcare providers, which are more vulnerable to blackmail.
Recent cyber attacks have destabilized the U.S. healthcare system.
Rebecca Wright, a cybersecurity professor at Barnard College, said hospitals are particularly vulnerable to ransomware attacks because they are often difficult to secure and rely on a variety of different systems and third-party suppliers.
She said the primary goal of the attacks is not necessarily to steal hospital data, but to paralyze or disrupt services to the point that health care providers would be more likely to pay the ransom.
U.S. officials say paying the ransom would fuel a vicious cycle that would lead to more attacks on hospitals, but it may be less costly for health care providers than rebuilding their computer systems.
According to U.S. blockchain analytics firm Chainalysis, ransomware payments worldwide last year exceeded $1 billion, a record high. According to the U.S. Treasury Department's Financial Crimes Enforcement Network, which aims to protect the financial system from misuse, the top five most profitable ransomware variants in 2021 were linked to Russian cybercriminals.
In February, a cyberattack on Change Healthcare, which manages one-third of U.S. patient records, caused major disruptions to ordering routine prescriptions and paying for expensive surgeries. At a Senate hearing last month, Andrew Witty, CEO of UnitedHealth Group, Change's parent company, acknowledged that the company paid a $22 million ransom to the attackers.
And just a few weeks ago, Ascension, one of the largest health systems in the United States with about 140 hospitals, was hit by a massive cyberattack, leaving doctors and nurses with little access to digital records of patients' medical histories, relying instead on paper and faxes.
Ascension said Wednesday that attackers gained access to its systems when an employee mistakenly downloaded a malicious file thinking it was legitimate. The company said it has no evidence that data was stolen from its electronic medical records systems and is working to restore access to electronic medical records across its network, aiming to complete the process by Friday.