London Hospitals Get Disrupted by Ransomware Attack

Medical procedures have been canceled at multiple London hospitals and a critical emergency declared in the aftermath of a ransomware attack against pathology services provider Synnovis.

‍

“Some appointments have already been canceled or patients have been redirected to other providers at short notice due to the incident. The burden on other hospitals due to extra patients may lead to a further stretching of resources and more critical incidents being declared. It is not clear how long the disruption will last for,” Reuters reports.

‍

“The disruption to the blood transfusion IT system risks having a major impact on trauma cases, as only urgent blood components will be transfused when it is “critically indicated for the patient."

‍

Takeaway: We simply cannot discount the dual nature of a good portion of today’s ransomware attacks, where the attackers may be serving themselves from a financial perspective but are also furthering a larger geopolitical strategy.

‍

The fact that ransomware attacks against healthcare providers appear on the surface to merely be cybercriminal activity provides a convenient level of plausible deniability when those attacks may also serve the larger geopolitical goals of adversarial governments like Russia.

‍

This is why it is imperative that the US government and allied nations who are the targets of these attacks need to differentiate a portion of the attacks by reclassifying them as terrorist acts – specifically those attacks that target healthcare and other critical infrastructure functions where lives are at put at risk or lost.

‍

If we call these attacks what they are – terrorist attacks meant to instill fear and further geopolitical goals – then we unlock a whole range of new options for both offensive cyber and even traditional kinetic military responses instead of just more alerts, guidelines and frameworks.

‍

Ransomware attacks against critical infrastructure are a form of terrorism in and of themselves, and the fact that may of the attacks are so closely related to the geopolitical interests of adversarial nations - and provide them with plausible deniability - means we can no longer address these issues as simple criminal matters.

‍

Lives are at risk here, so we cannot keep addressing these attacks as IT downtime issues.

‍

‍

Halcyon.ai is the leading anti-ransomware company that closes endpoint protection gaps and defeats ransomware through built-in bypass and evasion protection, key material capture, automated decryption, and data exfiltration prevention – talk to a Halcyon expert today to find out more. Halcyon also publishes a quarterly RaaS and extortion group reference guide, Power Rankings: Ransomware Malicious Quartile.