The Royal Family’s health data is at risk because of a cyberattack by a group of hackers who specifically targeted King Edward VII’s Hospital.
In order to prevent the release of this sensitive information, the hackers are demanding a payment of £300,000 in Bitcoin reports Geo TV. It is worth noting that this hospital is renowned for providing medical care to Kate, the Princess of Wales.
Rhysida – Ransomware-As-A-Service
According to the Metro newspaper, the hackers claim to possess a variety of confidential documents, including X-rays, letters from consultants, registration forms, handwritten clinical notes, and pathology forms. This group, known as Rhysida – named after a type of centipede – has previously launched an information attack on the British Library. An advisory from CISA states, Rhysida ransomware is known to impact “targets of opportunity,” including victims in the education, healthcare, manufacturing, information technology, and government sectors. Additionally, there has been instances of Rhysida actors operating in a ransomware-as-a-service (RaaS) capacity, where ransomware tools and infrastructure are leased out in a profit-sharing model. Any ransoms paid are then split between the group and the affiliates.
GCHQ and the police are currently investigating the gang responsible for the ransom demand that was posted. The Daily Mail reported that the statement released after the hack stated, “We present to you unique files! These files contain data from the Royal Family, as well as a significant amount of patient and employee data. It is available for sale as a single package!”
Paying The Ransom?
A representative from the NCSC, which is the computer crime division of GCHQ, has confirmed that they are in communication with King Edward VII’s Hospital to assess the impact of the incident. There are concerns that even if the hospital decides to pay the ransom, there is no guarantee that the data will be returned.
Philip Ingram, a former colonel in British military intelligence, expressed his belief to the Daily Mail that the data could potentially be duplicated and sold to other cybercrime groups operating in the underworld. According to a hospital spokesperson, efforts have been made to minimize the consequences of the attack and a thorough investigation has been initiated.
Queen Elizabeth and Prince Philip have both been treated at the hospital in the past. However, it is worth mentioning that in 2012, the Princess of Wales sought medical care at the same hospital due to morning sickness.
Rapidly Evolving Digital Healthcare Landscape
In today’s rapidly evolving digital healthcare landscape, the importance of robust cybersecurity measures cannot be overstated. Developing a security program that prioritizes both individuals, including patients and healthcare professionals, and devices can enable organizations to effectively regulate access and manage all endpoints to protect organizations from cyber threats, while ensuring comprehensive coverage of end-users and connected devices.
“In the past, network security controls used to dominate the security budgets of healthcare providers. However, with the increasing use of endpoint devices, the boundaries of network perimeters have been greatly diminished,” said Tim Royston-Webb, CEO, SentryBay. “As a result, medical facilities are now seeking a comprehensive approach to security that covers all entry points to the network. By integrating network and endpoint isolation security, healthcare providers can have a better understanding of the various security threats they face, both in real time and through historical analysis. While network security remains crucial, it is no longer effective to solely rely on physical systems, which are too rigid for today’s dynamic network environment.”
Armored Client From SentryBay
As healthcare continues to advance technologically, the integration of comprehensive endpoint isolation cybersecurity tools like SentryBay’s Armored Client solution becomes essential. These tools not only protect critical healthcare data but also fortify the trust patients place in healthcare providers.
“At SentryBay, we are acutely aware of these challenges and have developed our Armored Client solution product specifically to address them,” said Brent Agar, Director of Business Development, SentryBay North America. “What sets Armored Client apart is its ability to provide encrypted keystrokes and protection against illegal screen capture. This ensures that sensitive patient data and healthcare operations remain secure, even in the face of sophisticated cyberattacks like the recent one deployed by Rhysida on King Edward VII’s Hospital.”