Hackers targeting NHS to hold vital life-saving medical equipment to ransom
Intel Security claims virus-like programs can freeze entire systems - allowing criminals to demand cash to unlock them
COMPUTER hackers are targeting life-saving medical equipment in NHS hospitals in a bid to extract huge ransoms, experts warn.
A leading security firm yesterday blamed the health service’s “antiquated” computer systems, which are more vulnerable to malicious software.
Dozens of hospitals in the UK have been targeted by hackers in “ransomware” attacks this year.
The virus-like programs freeze entire IT systems – including connected medical equipment – until staff pay hackers thousands of pounds to unlock them.
MRI scanners, radiotherapy machines and diagnostic equipment are among the devices at risk.
Gordon Morrison, director of government relations at Intel Security, said: “Criminals recognise that MRI machines, oncology departments, machines that are providing medical services, medical analytics, are all linked to legacy devices.
“They will know that and they will exploit that. If there is money to be made by crippling a machine, they will do that.”
Mr Morrison cited the case of a hospital in California, which was forced to close for more than five days earlier this year before paying a ransom of $17,000 (£13,500).
Related stories
Morrison said hackers typically attack a hospital by including a virus in a spam email, either as a link or attachment.
Speaking at the King’s Fund Annual Conference in Central London, he added: “This is malware that infects you, encrypts as much information as it can, and then demands [money] to free it.”
A security report produced by Intel Security said hackers traditionally view hospital attacks as “unethical” – even if the hospital is based in a country considered fair game.
But Morrison said others see hospitals as easy targets, because getting systems up and running again is often a matter of life and death.
He said: “They specifically targeted hospitals, because they understand that there is medical data and operational imperatives that they can exploit.”
All non-urgent ops and appointments were cancelled at Northern Lincolnshire and Goole NHS Foundation Trust for two days last month after they were hit by a virus.
Security consultant Tony McDowell said Russian hackers were the likely “prime suspect” and accused them of “posturing”.
We pay for your stories! Do you have a story for The Sun Online news team? Email us at [email protected] or call 0207 782 4368