Category: NHS Ransomware Attack

A few days ago, the IT Managed Services provider ‘Advanced’ suffered a ransomware attack that almost crippled the entire emergency network of NHS UK to the core. To keep going, the healthcare services provider resorted to the pen and paper services in order to bring the situation under control.

But because of the disruption of the network of NHS 111, patient check-ins, medical notes and emergency services such as ambulance came to a severe halt, as many of such services were being managed with pen & paper.

Staff are finding it difficult to manually manage the services because of which piles of papers and patient files are seen being dumped into the room.

The attack that took place on August 4th of this year will leave ‘Advanced’ paralyzed for a few more months and if the situation continues staff estimate that the administration officials will need at-least a 5000-10,000 square feet space to secure patient data. And then a few of the data entry staff to digitize the whole info.

NOTE 1- NHS offers medical services to over 250,000 patients across 1220 hospitals and has reported the incident to NCSC and ICO.

NOTE 2-Advanced is into IT services and provides support to about 42 acute healthcare service providers. It has taken the incident seriously and has hired forensic experts to probe down the incident. The group behind the incident is yet to be probed, and it is unclear whether the threat actors have stolen any data before encrypting the servers.

 

The post NHS Ransomware Attacks leading to accumulation of medical records appeared first on Cybersecurity Insiders.

NHS Ransomware attack news has been trending on the Google search engine for the past few days and, as per some report’s security experts, believe that the recovery from the ransomware attack might at least a month for the NHS. As most of the records supplied by Advanced software company like Adastra- a patient management software and eFinancials- a finance management software was deeply infected.

The details of the malware infection emerged when NHS launched an inquiry on the disruption of NHS 111 servers, a medical advice related telephone & online service that is rendered to patients in urgency.

UK government is busy investigating the incident and has taken the issue seriously, as it has disrupted services related to ambulance dispatching, patient referrals, appointment bookings, emergency prescriptions severely.

Second is the news related to a SOVA software that has added ransomware capabilities to itself to evolve into a malicious software that encrypts files on mobile devices.

It is revealed that the malware has taken down over 200 banking and crypto currency targets till date and is aiming to siphon sensitive data from the user’s browser cookies. It blocks the victim from uninstalling by remaining concealed.

Mobile Security firm Cleafy has been tracking down SOVA since Sept’2021 and confirms that the malware has developed into a new malicious software since March this year. By adding 2FA interception, cookie steal, taking screenshots, performing clicks and swipes, copy and pasting files and mainly targeting Gmail, GPay and Google Password manager with substantial code refactoring tactics.

Third is the news related to a new threat actor SolidBit that is actively promoting Ransomware as a service and is interested in recruiting new affiliates via the dark web. Security researchers from CloudSEK have discovered that the group is only interested in taking control of corporate networks and has launched a new ransomware variant with the same name.

Fourth is the news related to 7-Eleven convenience stores that issued a public statement via Facebook confirming a hacker attack on its servers. According to the 7-Eleven Denmark statement, the store that is operating as a business chain was hit by a ransomware group in the early hours of Monday morning. Coincidently, the malware attack took place on the day when the business completed 8 years of operations and that’s really disappointing.

On August 14th, 2022 OneTouchPoint, fondly known as OTP, issued a public statement confirming a ransomware attack that took place on its servers on April 28th, 2022. After the investigation, it was determined that hackers stole details such as individual names, member IDs, and health related info from the servers of OTP. However, there is no valid proof that the siphoned data was used for malicious purposes till date.

 

The post Ransomware news headlines trending on Google appeared first on Cybersecurity Insiders.

A ransomware attack on a software services provider of UK named ‘Advanced’ is said to have affected the patients of NHS and National Cyber Security Centre in coordination with Information Commissioner’s Office are busy finding the scale of impact the cyber incident could create on the health services provider.

Currently, the identity of the attacker has been withheld, as the investigation is yet to be concluded.

In what is known to our Cybersecurity Insiders, all those customers using Adastra, Caresys, Odyssey, Carenotes, Crosscare, Staffplan and eFinancial software were deeply hit by the attack. And sources confirmed the incident took place on August 4th of this year and for that reason, the NHS 111 was down for days.

NHS that oversees medical services of over 250,000 people across 1,230 hospitals hasn’t reacted to the incident on an official note. However, the spokesperson assured a detailed press release after the preliminary inquiries are completed.

As many critical care patient admissions were hit serious because of the glitch in administrative software, the IT staff are taking all measures to recover from the incident at the earliest.

Government of the UK that is currently busy in picking up its next prime minister has taken a note of the situation and issued a red alert across the kingdom as they do not want to repeat the repercussions seen in the 2017 WannaCry ransomware attack.

As Advanced provides IT and software services to around 42 acute n mental health trusts in Britain, it has hired a third-party forensic firm to investigate the incident to the core.

 

The post NHS Ransomware attack to be seriously probed appeared first on Cybersecurity Insiders.