Cyber criminals ‘targeted NHS 111 to extort a ransom’
A CYBER attack on the NHS 111 system is thought to have been carried out by a gang of criminals looking for ransom payments.
The Sunday Telegraph understands the hackers who targeted Advanced, a firm supplying software to 85 per cent of NHS 111 services, were part of an organised criminal group looking to shut down the crucial system, rather than a hostile state as originally feared.
There has been a sharp rise in ransomware attacks on companies in which gangs embed malware into IT systems and subsequently demand a ransom for the return of stolen information, or for access to a decryption key.
The attack on Advanced this week left NHS staff across the country forced to use pens and paper, while the public were told to expect delays when calling the hotline. NHS sources said that the shutdown could drive patients to overstretched accident and emergency departments over the weekend instead.
The Advanced Adastra system allows call handlers to send out ambulances, as well as booking out-of-hours emergency prescriptions for patients and urgent appointments. Over a thousand care homes using the company’s Caresys software have also been affected alongside mental health services in the NHS that use their record management system.
Steve Barclay, the Health Secretary, said he was being “regularly briefed” about the incident, adding that NHS England had contingency plans in place for affected areas while disruption to the service was “minimal”.
He added that patients could con
‘Payment incentivises harmful behaviour and does not guarantee data return or decryption’
tinue to use the 111 hotline and that they should call 999 in an emergency.
In July, the head of the UK’s National Cyber Security Centre (NCSC) and Information Commissioner warned businesses they risked “incentivising” attacks by “malicious” cyber crime gangs by meeting ransom demands.
John Edwards, the commissioner, and Lindy Cameron, the NCSC’s chief executive, said they were concerned by the increase in this kind of attack, as well as the large sums being paid out.
They added that the trend of paying ransoms seemed to be based on the mistaken belief that payment of a ransom could protect stolen data or result in a lower penalty from the Information Commissioner for data breaches.
“Payment incentivises further harmful behaviour by malicious actors and does not guarantee decryption of networks or return of stolen data,” they said.
According to a study by Verizon, ransomware attacks account for a tenth of global data breaches and doubled in frequency last year.
A spokesman for the NCSC said: “We are aware of an incident affecting some services provided by Advanced. We are working with the company to fully understand the impact, while supporting the NHS.”