NHS trusts become top target for ransomware campaigns

According to new research, 34 percent of UK NHS providers suffered ransomware attacks in the last 18 months.
Written by Charlie Osborne, Contributing Writer

34 percent of NHS trusts in the UK have suffered a ransomware attack in the last 18 months, according to research based on FOI requests.

On Wednesday, digital workspace provider RES revealed the results of a campaign which doggedly submitted Freedom of Information (FOI) requests to every UK National Health Service (NHS) trust in England, Scotland and Wales in order to find out how many of these organizations have experienced ransomware attacks.

After receiving responses from all 260 trusts -- with the exception of 18 claiming exemption from providing information due to data rules around the safety of their patients -- RES researchers found that 34 percent have been targeted in the last 18 months.

In total, 87 out of 260 trusts admitted to ransomware attacks, with Scottish NHS trusts the most frequently targeted.

While Wales had four out of seven trusts claim exemption, 60 percent in Scotland -- eight out of 14 NHS trusts -- said they had been the subject of recent ransomware attacks.

Seven NHS trusts admitted that some ransomware attacks had been successful; however, the consequences varied. While there is no information on hospitals or trusts which paid ransoms, many trusts were able to use backups to restore encrypted files. In one interesting case, a trust said specific hospitals were not targeted, but rather individual employees -- and the ransom was not paid.

Ransomware, a malware family which locks and encrypts compromised systems before demanding a fee in virtual currency, is a disturbing trend which now targets not only the average user, but also businesses, schools, and hospitals.

Due to the valuable nature of stolen medical information and the fact many hospitals would rather pay a ransom than disrupt medical services or lose patient data, ransomware campaigns against medical establishments are proving to be big business and lucrative prospects for criminals.

In 2016, a Southern California hospital bowed to a ransom of $17,000 in Bitcoin to regain access to systems locked and encrypted by ransomware, but many hospitals which have been targeted do not reveal how much they paid to resume services.

It is estimated that ransomware cost industries upwards of $1 billion in 2016 alone.

On Tuesday, IBM Managed Security Services said in a new report that the majority of successful attacks against healthcare providers are due to system injections, malicious or accidental insider threats and ransomware.

Big Blue claims that roughly 68 percent of networking attacks leveled against the industry are carried out by insiders, and almost two-thirds of these were not intentional -- and so were made possible through techniques including social engineering, spear phishing, and malicious file downloads.

"Hackers know the hospital will have to pay or risk patients' wellbeing," Jason Allaway, VP of UK & Ireland at RES, commented. "It's important to unearth such statistics as it shows just how seriously this threat needs to be taken by healthcare organisations."

"Education, vigilance and proven technology such as context-aware access controls, comprehensive blacklisting and whitelisting, read-only access, automated deprovisioning and adequate back-up are some of the vital components that need to be put in place by these trusts to both prevent and combat this problem as efficiently as possible," Allaway added.

Ransomware attacks on core services are extreme and can be debilitating for healthcare providers, but they can be just as damaging personally for the general public, too.

As ransomware strains continue to develop and become more sophisticated, cybersecurity professionals have a task on their hands to combat the threat. If you have become an unfortunate victim of this kind of malware, you can try to eradicate infections without paying up by using these free tools.
