Ransomware attacks have spread throughout the UK's National Health Service (NHS), compromising patient data and disrupting critical services.
Hackers, including the Russian-linked group Inc Ransom, have compromised several hospital trusts, including Wirral University Teaching Hospital, Alder Hey Children's Hospital Trust, Liverpool Heart and Chest Hospital.
Cybercriminals Target NHS Hospitals in Latest Campaign
For the past years, the healthcare industry has become the usual victim of ransomware attacks It's no surprise as NHS hospitals are struggling to fight hackers in the latest report. According to Tech Crunch, Inc Ransom said that it had breached Alder Hey, one of Europe's biggest children's hospitals.
Moreover, the hackers reportedly accessed sensitive patient records, donor reports, and procurement data that date back six years - between 2018 and 2024. Samples of the stolen data show personal health information and identifiable details, such as addresses and dates of birth.
Alder Hey confirmed the breach through a "digital gateway service" shared with other hospitals but said its core operations remain unaffected. The threat of publication of sensitive data remains an ongoing threat.
"The attacker has claimed to have extracted data from impacted systems. We are continuing to take this issue very seriously while investigations continue into whether the attacker has obtained confidential data," Alder Hey said in its statement on Wednesday, Dec. 4.
Wirral University Teaching Hospital
Meanwhile, Wirral University Teaching Hospital declared a "major incident" after a ransomware attack on several of its associated facilities, including Arrowe Park Hospital and Clatterbridge Hospital. The attack has disrupted clinical systems, caused delays in services, and also increased emergency department waiting times.
"We are prioritizing emergency cases while restoring systems," the hospital trust said, appealing to the public to visit emergency departments only for genuine crises.
A Persistent Threat to the NHS
Ransomware attacks have long been the scourge of the NHS. In 2023, it was ransomware that brought pathology services to a standstill and left 400GB of sensitive patient data exposed. The Qilin ransomware gang was behind that attack.
The NHS continues to be such an attractive target for cybercriminals because of its vast and quite often interlinked digital presence. This has made it necessary for the UK Government to increase efforts in cybersecurity: a five-pillar strategy came into force last year.
Government Action and Future Changes
The government is supposed to improve the cyber defense of the NHS by 2030. Moreover, the next Cyber Security and Resilience Bill that is to become law in 2025 introduces ransomware attack reporting and other more stringent cybersecurity rules.
Health Infrastructure Needs to Improve Cyber Protection
With the recent attacks, it will only take some time to grow in intensity, and by this time, effective cybersecurity measures should be immediately implemented in healthcare facilities.
The sensitive information of patients should be kept at maximum security as hackers could use it to scam people on the deep web or any other black market-like places. For the next decade, the agenda should be focused on teaching hospital personnel how to deal with these problems.
For more updates about ransomware attacks and other cybersecurity-related topics, visit Tech Times daily.
