Cyber-blackmailers 'increasingly targeting NHS trusts'


NHS IT systems are increasingly vulnerable to attacks by cyber-blackmailers trying to extort ransoms from hospitals, according to reports.

At least 28 NHS trusts in England have been victims of ransomware incursions in the last 12 months, according to figures handed to the i in Freedom of Information request.

NHS Digital, the body which oversees cyber-security for the health service, admitted there has been an increase in attacks but told the i that no ransom was paid and no data was lost.

It said patient records had not been affected and added that other organisations have been targeted in the attacks.

Ollie Whitehouse, technical director of NCC Group, the internet security company which obtained the data, told the paper: "Ransomware has become the bottom line of cyber-crime - if hackers break into a system and can't find any other way to monetise what they find, they encrypt the data and demand a ransom.

"We have seen a 400% increase in these attacks.

"The health service is by no means alone in facing this kind of attack.

"But NHS trusts are being increasingly targeted and any loss of patient data would be a nightmare scenario. Like everyone else, they need to be applying robust controls."

Ransomware, among other malicious software, has long been known to target computer users, generating millions of pounds a year for cyber-criminals.

Europol issued a warning about the malware last week, warning that it is now the top form of online theft.

The virus works by implanting a piece of software, often sent disguised in an email, which locks the user out of the system or files.

The hackers then demand a BitCoin ransom, which can be the equivalent of thousands of pounds.