NHS Ransomware Attack 2024 launched by Russia

Over the past couple of days, two hospitals affiliated with the UK’s National Health Service (NHS) have been grappling with a severe IT disruption, which has been confirmed as a cyber attack. The former chief of the National Cyber Security Centre (NCSC), a branch of GCHQ, has suggested that the attack may have originated from Putin’s cyber army, possibly aimed at sowing chaos among the UK populace.

This attack, typical of file-encrypting malware, targeted the digital infrastructure of Synnovis, a pathology service provider crucial for blood tests, transfusions, and other medical services. Such a serious incident warrants a thorough national investigation.

According to updates from the National Health Service, this disruption has resulted in the cancellation of surgeries and critical care services at King’s College Hospital and Guy’s and St Thomas hospitals. Moreover, the restoration of pathology services may take weeks rather than days, raising significant concerns among patients.

This incident evokes memories of the North Korea launched 2017 WannaCry ransomware attack, which crippled NHS operations for weeks. Similar repercussions are now anticipated, although IT teams are working around the clock to expedite the restoration of services.

Echoing past events, speculation regarding foreign involvement, particularly pointing fingers at Moscow under Putin’s leadership, has emerged. However, concrete evidence linking the attack to the Kremlin remains elusive, with only The Telegraph reporting allegations of Russian involvement. Investigations have hinted at possible connections to the LockBit ransomware gang, but no definitive proof has been presented thus far.

Meanwhile, another novel ransomware group named RansomHub, a rebranded version of Knight Ransomware that emerged from another malware spreading group Cyclops has openly claimed to have infected NHS with ransomware.

Naveen Goud
Naveen Goud is a writer at Cybersecurity Insiders covering topics such as Mergers & Acquisitions, Startups, Cyber Attacks, Cloud Security and Mobile Security

No posts to display