Synnovis weakness leads to NHS cyber attack fallout

The NHS cyber attack that struck London hospitals on Monday continues to wreak havoc, forcing cancellations of surgeries and blood transfusions as the health service grapples with a declared “critical incident”.

The attack, which targeted the IT system Synnovis serving NHS pathology labs, has had a cascading effect on Guy’s and St Thomas’ and King’s College Hospital Trusts, particularly impacting transfusion services.

NHS cyber attack’s impact created chaos in the capital

The fallout from the NHS cyber attack is far-reaching, disrupting not only hospital services but also primary care. GP surgeries in six London boroughs – Bexley, Greenwich, Lewisham, Bromley, Southwark, and Lambeth – are reporting disruptions due to the attack on Synnovis. This vital IT system underpins pathology labs, which are crucial for a wide array of diagnostic tests, including blood tests and biopsies.

The NHS cyber attack has forced cancellations of surgeries and blood transfusions (Image credit)

Hospitals have been scrambling to cope with the fallout, with staff forced to cancel key surgeries or urgently transfer patients to other facilities. The Royal Brompton and Harefield hospitals have reportedly had to cancel potentially life-saving transplant operations, and the Evelina London Children’s Hospital has also been affected. This NHS cyber attack highlights the vulnerability of critical healthcare infrastructure to digital threats.

Synnovis was the NHS cyber attack’s target

The heart of this crisis is the NHS cyber attack’s target, Synnovis. This IT system plays a pivotal role in supporting NHS pathology labs and managing and processing vast amounts of patient data. The attack on Synnovis has not only disrupted the flow of information but also raised concerns about the security of sensitive patient data.

While the full extent of the breach is still under investigation, it underscores the growing threat of cyber attacks to healthcare systems worldwide.

A spokesperson for NHS England London region said:

“On Monday 3 June Synnovis, a provider of lab services, was the victim of a ransomware cyber attack.

“This is having a significant impact on the delivery of services at Guy’s and St Thomas’, King’s College Hospital NHS Foundation Trusts and primary care services in south east London and we apologise for the inconvenience this is causing to patients and their families.

“Emergency care continues to be available, so patients should access services in the normal way by dialling 999 in an emergency and otherwise using 111, and patients should continue to attend appointments unless they are told otherwise. We will continue to provide updates for local patients and the public about the impact on services and how they can continue to get the care they need.

“We are working urgently to fully understand the impact of the incident with the support of the government’s National Cyber Security Centre and our Cyber Operations team.”

The ripple effect

While the initial impact of the NHS cyber attack was concentrated in London, its effects are being felt far beyond the capital. The disruption to pathology services has the potential to delay diagnoses and treatments for patients across the country. The incident also raises questions about the preparedness of other NHS trusts to withstand similar attacks.

The NHS cyber attack’s impact extends beyond London, potentially delaying diagnoses and treatments nationwide (Image credit) Looking back

This is not the first time the NHS has faced a major cyber attack. In 2017, the WannaCry ransomware attack crippled hospitals across England, causing widespread disruption and forcing the cancellation of thousands of appointments and operations. The attack highlighted the vulnerability of outdated IT systems and the need for investment in cybersecurity.

The road to recovery from Synnovis cyber attack

As the NHS works to recover from this latest cyber attack, it is crucial to learn from the incident and strengthen defenses against future threats. This includes investing in modern IT systems, providing comprehensive cybersecurity training for staff, and establishing robust incident response plans. The recovery process will be complex and time-consuming, but it is essential to ensure the resilience of the NHS in the face of evolving cyber threats.

Featured image credit: Freepik