The government is considering retaliatory action against Russian hackers for stealing confidential data from several London hospitals after a cyber attack on a blood testing lab, The Guardian reports.
The Russian cybercriminal group Qilin had on June 3 carried out a cyber attack on Synnovis, a lab company that provides testing services to many hospitals in London.
The stolen records cover 300 million patient interactions with the NHS, including the results of blood tests for HIV and cancer.
Qilin made the data public by putting it on their darknet site and Telegram channel early Friday after their ransom demand of £40 million was ignored.
The affected London hospitals, which include Guy’s, St Thomas’ and King’s services, have set up helplines to answer queries of anxious patients.
The National Crime Agency (NCA) and the National Cyber Security Centre (NCSC) are holding discussions about how to respond.
UK law enforcement has a precedent of taking on ransomware gangs directly. The NCA recently disrupted the operations of the world’s largest ransomware outfit – the LockBit group – in a joint operation with international partners.
The operation was carried out jointly with the FBI, Europol, and a coalition of international police agencies.
It led to the unmasking of the gang’s alleged leader Dmitry Khoroshev, a Russian national.
NHS England has cautioned patients that they may be targeted by criminals seeking a ransom. They have been advised to immediately call Action Fraud.
Qilin has reportedly locked Synnovis out of its IT system.
This has affected many hospitals and they were forced to ration access to blood tests. Many surgeries have been put off.
The NHS has shifted some of the cases to other lab service providers and managed to increase the number of blood tests.
