Russia-linked Qilin group says it was responsible for London hospitals cyberattack

A representative for the ransomware group said that stolen data will be posted soon to authenticate both the attack and their ransom demand.

Vulnerabilities known for years

Following the attack, publicly available documents from the Trust’s board of director’s meetings show that questions were frequently raised about the risks posed to the hospitals by the Synnovis pathology services company.

Around 800 operations were canceled alongside roughly 700 outpatient appointments following the attack. A Synnovis spokesperson said, "The investigation into the attack continues, including any possible impact to data."

Speaking through a Qilin messaging account (via Bloomberg), a representative said that they had abused a zero day exploit to attack Synnovis systems, and also argued that the group is not responsible for any harm done and that their attack was an act of retaliation against the UK government's support for unnamed wars.

Mark Dollar, CEO of Synnovis, said in a statement in the aftermath of the attack that "We take cybersecurity very seriously at Synnovis and have invested heavily in ensuring our IT arrangements are as safe as they possibly can be. This is a harsh reminder that this sort of attack can happen to anyone at any time and that, dispiritingly, the individuals behind it have no scruples about who their actions might affect."

"The incident is being reported to law enforcement and the Information Commissioner, and we are working with the National Cyber Security Centre and the Cyber Operations Team," Dollar continued.

More from TechRadar Pro

• Here is our guide to the best ransomware protection
• Hospital helpdesks targeted by hackers — US Health Department warns health services are under threat
• These are the best endpoint protection services around