Services Disrupted as London Hospitals Hit By Cyber-attack (theguardian.com) 18
jd writes: There aren't many details yet, but a private company used by the National Health Service in London was hit by a ransomware attack today, leading to cancelled operations and cancelled tests. The provider has been hit multiple times this year and is obviously not bothering with making any improvements in cybersecurity. There really should be legal requirements when it comes to maintaining what is de-facto critical infrastructure.
From the article:
"Major NHS hospitals in London have been hit by a cyber-attack, which is seriously disrupting their services, including blood tests and transfusions. The ransomware attack is having a "major impact" on the care provided by Guy's and St Thomas' NHS trust, its chief executive has told staff in a letter. The attack is understood to affect other hospitals, including King's College hospital, and has left them unable to connect to the servers of the private firm that provides their pathology services.
Synnovis, an outsourced provider of lab services to NHS trusts across south-east London, was the target of the attack, believed to be a form of ransomware, a piece of software which locks up a computer system to extort a payment for restoring access. According to one healthcare worker, the labs were still functional, but communication with them was limited to paper only, imposing a huge bottleneck and forcing cancellation or reassignment of all but the most urgent bloodwork. Direct connections with Synnovis' servers were cut to limit the risk of the infection spreading. ...
This is the third attack in the last year to hit part of the Synlab group, a German medical services provider with subsidiaries across Europe. In June 2023, ransomware gang Clop hacked and stole data from the French branch of the company just days after it hit headlines for bringing down a payroll provider for companies including BA, Boots and the BBC. Clop published the stolen data later that summer."
From the article:
"Major NHS hospitals in London have been hit by a cyber-attack, which is seriously disrupting their services, including blood tests and transfusions. The ransomware attack is having a "major impact" on the care provided by Guy's and St Thomas' NHS trust, its chief executive has told staff in a letter. The attack is understood to affect other hospitals, including King's College hospital, and has left them unable to connect to the servers of the private firm that provides their pathology services.
Synnovis, an outsourced provider of lab services to NHS trusts across south-east London, was the target of the attack, believed to be a form of ransomware, a piece of software which locks up a computer system to extort a payment for restoring access. According to one healthcare worker, the labs were still functional, but communication with them was limited to paper only, imposing a huge bottleneck and forcing cancellation or reassignment of all but the most urgent bloodwork. Direct connections with Synnovis' servers were cut to limit the risk of the infection spreading. ...
This is the third attack in the last year to hit part of the Synlab group, a German medical services provider with subsidiaries across Europe. In June 2023, ransomware gang Clop hacked and stole data from the French branch of the company just days after it hit headlines for bringing down a payroll provider for companies including BA, Boots and the BBC. Clop published the stolen data later that summer."
outsourceing at it's best! (Score:3)
outsourceing at it's best!
Re: (Score:2)
outsourceing at it's best!
No doubt the Fine Synnovis outsource agency, uses the perfectly secure cloud to provide their services.
Just in case people haven't noticed - this is 100 percent fail. If you use a computer to do anything, if you go to a doctor, if you buy online, Your health history, your home address, your employer, your tax returns, all of your credit card s and checking accounts and bank accounts and investments are all in the hands of the bad guys.
In a irony for the ages, things like owning everyone's credit card
Re: (Score:2)
outsourceing at it's best!
I should probably add a little context around this. Synovis isn't an IT outfit, it's a pathology lab (well, a few pathology labs), they were hit by a ransomware attack.
Outsourcing is rife in the NHS for two reasons, well the same cause but they've used two different methods to attack the NHS. 1. Severe funding cutbacks, so the NHS can't afford to run it's own pathology labs or even hire decent people for their own IT departments. 2. an ideological crusade from the current government (will be a former gov
Russian Hitler & unconventional war (Score:3)
Re: (Score:2)
Dude, we know you love your work. But we're paying you to come up with plausible reasons why, against all evidence from their words and actions, Trump and Putin are the good guys. Not this 'stream of consciousness' stuff.
Time for the Truth Yet? (Score:5, Insightful)
You want to get down to the facts? It's simple. It really is.
Kids in my generation grew up with computers. Not mobile phones, but honest to transistors COMPUTERS, where if we wanted the machine to be entertaining we had to do 90% of the work.
As a result a significant percentage of the geeks from my generation made it into the workforce with above average technical skills. A fair number of us were competent self-taught programmers.
About the time we had the experience to go with our skills, our entire cohort was wiped out professionally. Roughly five million of us were unceremoniously thrown into the street, largely as a result of the Commodities Futures Modernization Act which made derivatives more profitable than tech stocks. That little handful of seeds grew into the housing crisis about six years later.
Look at the progress of technology prior to 2000 and after. It's night and day. We were growing by leaps and bounds and then it all just stopped. Hasn't been a decent tech job since.
Now, we're fossilized in a clogged toilet. Nothing improves. It just decays. Nobody wants to learn anything any more because there's no point. There are no rewards for that hard work. Progress has stopped.
This is why you can find neither the talent or the management to fix anything. They simply aren't there. Oh sure, the self-congratulatory rectangle-heads that run things now like to put on a big show of hiring people with their six-against-one interviews and their made-up fields of expertise, but the people who were there when modern technology was invented have moved on.
You wouldn't have listened to us anyway. You and the billywindows deserve each other.
Re: (Score:2)
Re: (Score:2)
Look at the progress of technology prior to 2000 and after. It's night and day. We were growing by leaps and bounds and then it all just stopped.
What I remember from 2000 was a huge crash as a direct result of tech not delivering what was promised.
Re: (Score:3)
It's Jack Welsh. The CEO of GE, he had a lot of fans because he managed to bring up stock prices, profits, and most importantly, CEO pay by ridiculous amounts. Basically institutionalized greed by seeing a company as a way to make money by exploiting the workers, not working with the workers.
Stack ranking, quarterly profits over everything, company disloyalty were all pioneered by him.
It just took two generations of people to realize it - the boomers grew up where company loyalty was a thing and taught it
Re: (Score:2)
working harder won't get you anything more.
That's not true at all. Working hard will earn you more work and a higher minimum expected performance.
Re: (Score:2)
So what you're saying is that you've never read "Forgetfulness" by John W. Campbell.
not bothering with making any improvments (Score:2)
Medical facilities, hospitals are a juicy target, just use same expliot as last week.
Too bad for Joe who needs surgery. Oh, well. woopsie. Too bad for you, Joe
Easy Solution (Score:2)
"Any contractors who are victims of a cyberattack shall incur a fine of 25% of received funds from the past twelve months.
Any contractors who are victims of a second cyberattack within a span of 36 months shall incur a fine of 50% of received funds from the past twelve months, plus an additional 50% of all C-Level gross revenue as of their previous tax filing, all of whom will receive a full tax audit from the past three tax returns, and may not lay off any employees for the next twelve months.
Any contracto
Nah - wouldn't work (Score:3)
It's a good start, but the problem will come when the attack can't be explained. There are, perhaps, four sources of attack:
1) Social engineering; a person is enticed into revealing login/password details
2) Phishing; a user clicks on a disastrous link in an email
3) A problem with the code of Windows / Linux allows hostile actors to invade
4) A flaw in the design of the vendor's software.
Realistically the vendor you're proposing to fine massively can only be held responsible for no.4. 3 is beyond their contro
Re: (Score:2)
Wait, I only need to get 3 tiny but successful cyberattacks made against my competitors and I can exclude them from bidding and raise my prices? That's worth passing some cash off in brown envelopes for! Where does one find these 'hacker' types?
This has been a long time coming (Score:3)