According to an Aug. 5 article from the Telegraph, security services are investigating a cyberattack on the National Health Service (NHS)—the publicly funded health system in England—111 system. 111 is a number to call, at no cost, when an individual has an immediate healthcare need that is not life-threatening. Hackers targeted Advanced, a software supplier for 85 percent of NHS 111 services. The firm’s system, called Adastra, allows handlers to dispatch ambulances, book urgent appointments off hours, and fulfills emergency prescriptions.
The article states that “NHS 111 staff across the country have been forced to use pens and paper after a crucial system was shut down by hackers feared to be linked to a hostile state.”
Further, “The public have been told to expect delays when calling the hotline, as NHS sources warned the disruption could drive patients to overstretched accident and emergency departments over the weekend. Officials believe the outage will last until Tuesday at the earliest.”
Additionally, 1,000 care homes use the Advanced’s Caresys software that has also been affected with mental health services across the NHS that uses its record management system.
An NHS source was quoted in the article saying that "At the moment, call-handling and response times are holding up but there is a concern that that situation may change over the weekend, and that we could see a deterioration.
And that “Cases in need of an ambulance are being prioritized.”
The National Cyber Security Centre is working with Advanced to investigate the cause of the attack, according to the article.
“It comes after the Five Eyes international intelligence alliance—consisting of Britain, Australia, Canada, New Zealand, and the United States—warned of the risk of state-sponsored cyberattacks coordinated from Moscow following the UK’s response to Russia’s invasion of Ukraine, targeting critical organizations including the NHS, nuclear power stations and parts of the Civil Service,” added the article.
Richard Staynings, healthcare technology and cybersecurity strategist, commented the following to Healthcare Innovation: “This latest cyberattack against the NHS is an unwelcome test of its resiliency and preparedness for various outages including cyber-extortion. As a critical infrastructure industry, the NHS is a target for pariah nation state attack, although in this case evidence appears to suggest that the attack was orchestrated by a Russian criminal gang. Given the known close working relationship between the Russian government and the country’s organized crime gangs, the Kremlin may not be entirely off the hook in this case. A forensic investigation of the cyberattack will take time and a positive attribution of the attackers may be many months away.”
His full thoughts on the matter can be found here.
