A patient’s death following a cyber-attack on the UK health sector by ransomware group Qilin has now been reported. The death has been confirmed by King’s College Hospital NHS Foundation Trust.
It has been attributed to a long wait for a blood test as a result of a cyber-attack on 3 June last year, which brought pathology services to a temporary standstill. IT company Synnovis, which provides blood test services primarily in southeast London, was the victim of a ransomware attack carried out by Qilin. The hospitals affected were Guy’s and St Thomas’, King’s College, and Lewisham and Greenwich, along with primary care facilities across six London boroughs and two mental health trusts.
Following the cyber-attack, healthcare staff were unable to carry out transfusions or blood matching and were forced to use the universal O-type blood for everyone, subsequently contributing to a nationwide shortage of O-type blood supplies.
Qilin is a relatively new but highly sophisticated Russia-based cybercriminal group that is rapidly establishing dominance in the illegal world of ransomware. It provides other criminals not just with easy-to-use off-the-shelf ransomware-as-a-service (RaaS), but also additional services, including a full suite of legal guidance. Qilin’s “Call Lawyer” function provides expert international legal consultation to enable cybercriminals to increase pressure during ransom negotiations. Qilin’s expert legal team also combs through the victim organization’s stolen data in order to identify any financial irregularities or regulatory breaches that can be used to blackmail the organization further.
Full-out cyber-war could result in more deaths
The death of a UK patient also highlights the potential damage that concerted cyber-attacks could inflict in a full-out cyber war with a hostile foreign power such as Russia. Ransomware groups such as Qilin are currently financially motivated and while they exhibit a callous disregard for the human cost of their crimes, they do not primarily aim to cause destruction and death.
But there are now growing fears on both sides of the Atlantic that growing tensions between Russia and the Western powers could soon escalate the situation to a point where cybercriminal groups like Qilin are pressed into service by the Russian state to cause maximum physical and economic damage in the US and the UK. This month, the US Food and Drug Administration issued a warning that the medical sector is already being targeted, together with the country’s water supplies. In the UK, security services are also warning of the likely escalation of cyber-attacks from Russia to a new and life-threatening level.
