The Qilin ransomware group has claimed responsibility for a cyberattack on Synnovis labs, a key partner of the National Health Service (NHS) in England. The attack, which began on Monday, has severely disrupted services at five major hospitals in London, including King’s College Hospital and Guy’s and St Thomas’ NHS Foundation Trust. The NHS declared the situation a ‘critical incident,’ noting that the full extent and impact of the attack on patient data remain unclear.
Synnovis, a prominent pathology service provider, runs over 100 specialised labs offering diagnostics for various conditions. Due to the ransomware attack, several critical services, such as blood testing and certain operations, have been postponed, prioritising only the most urgent cases. NHS England has deployed a cyber incident response team to assist Synnovis and minimise patient care disruption, though longer wait times for emergency services are expected.
The Qilin group, operating a ransomware-as-a-service model, typically targets victims via phishing emails. The attack on Synnovis has raised significant concerns about the security of healthcare systems and the reliance on third-party providers. Kevin Kirkwood from LogRhythm emphasised that the attack causes operational disruptions and undermines public trust in healthcare institutions. He called for robust security measures, including continuous monitoring and comprehensive incident response plans, to protect healthcare infrastructure better and ensure patient safety.
Russian operatives are intensifying efforts to discredit the upcoming Paris Summer Olympics and undermine support for Ukraine, utilizing both online and offline tactics, according to experts and officials.
Efforts include using AI to create fake videos featuring actor Tom Cruise criticizing the International Olympic Committee and placing symbolic coffins near the Eiffel Tower, suggesting French soldiers in Ukraine.
Analysts note a sense of desperation among Russian propagandists, which aim to tarnish the Olympics and thwart Ukraine’s momentum in procuring Western weapons against Russia.
Not limited to online disinformation, recent stunts include the placement of symbolic coffins near the Eiffel Tower, fueling suspicions of Russian involvement, amidst French President Macron’s consideration of deploying troops to Ukraine, further angering Russia.
With the Paris Olympics approaching, concerns are mounting over potential cyber threats, given Russia’s history of disruptive actions during major events, highlighting the need for heightened vigilance and cybersecurity measures.
A ransomware attack on Synnovis, a pathology services provider, has severely disrupted major hospitals in London, including King’s College Hospital, Guy’s and St Thomas’, and the Royal Brompton. This incident has led to the cancellation and redirection of numerous medical procedures. The hospitals have declared a ‘critical incident’ due to the significant impact on services, notably affecting blood transfusions. Synnovis’ CEO, Mark Dollar, expressed deep regret for the inconvenience caused and assured efforts to minimise the disruption while maintaining communication with local NHS services.
Patients in various London boroughs, including Bexley, Greenwich, and Southwark, have been affected. Oliver Dowson, a 70-year-old patient at Royal Brompton, experienced a cancelled surgery and expressed frustration over repeated delays. NHS England’s London region acknowledged the significant impact on services and emphasised the importance of attending emergency care and appointments unless instructed otherwise. They are working with the National Cyber Security Centre to investigate the attack and keep the public informed.
Synnovis, a collaboration between SYNLAB UK & Ireland and several NHS trusts, prides itself on advanced pathology services but has fallen victim to this attack despite stringent cybersecurity measures. Deryck Mitchelson from Check Point highlighted the healthcare sector’s vulnerability to such attacks, given its vast repository of sensitive data. Recent cyber incidents in the UK, including a similar attack on NHS Dumfries and Galloway, underscore the persistent threat to healthcare services. Government agencies actively mitigate the current situation and support affected NHS organisations.
TikTok has recently thwarted a cyberattack targeting several high-profile accounts, including CNN and Paris Hilton, though Hilton’s account remained uncompromised. The company is working closely with affected users to restore access and enhance security measures to prevent future breaches.
The number of compromised accounts is minimal, according to TikTok, which is actively assisting those affected. The incident occurred as TikTok’s parent company, ByteDance, faced a legal battle against a US law that demands the app be sold or face a national ban by January.
The US government has raised national security concerns over Chinese ownership of TikTok. Still, the company maintains that it has taken significant steps to safeguard user data and privacy, asserting that it will not share American user information with the Chinese government.
The first complaint alleges that Microsoft’s contracts with schools attempt to shift responsibility for GDPR compliance onto them despite schools lacking the capacity to monitor or enforce Microsoft’s data practices. That could result in children’s data being processed in ways that do not comply with GDPR. The second complaint highlights the use of tracking cookies within Microsoft 365 Education software, which reportedly collects user browsing data and analyses user behaviour, potentially for advertising purposes.
NOYB claims that such tracking practices occur without users’ consent or the schools’ knowledge, and there appears to be no legal justification for it under GDPR. They request that the Austrian Data Protection Authority investigate the complaints and determine the extent of data processing by Microsoft 365 Education. The group has also urged the authority to impose fines if GDPR violations are confirmed.
Microsoft has not yet responded to the complaints. Still, the company has stated that its 365 for Education complies with GDPR and other applicable privacy laws and that it thoroughly protects the privacy of its young users.
After the adoption of the EU rules which ban real-time facial recognition in public spaces but allows some exceptions for law enforcement, the Swedish government ordered an inquiry into expanded powers for law enforcement to use camera surveillance, including the use of facial recognition technology. The EU exceptions include searching for missing people or specific suspected victims of human trafficking, or preventing imminent threats such as a terrorist attack. It also allows the technology for locating individuals suspected of committing certain criminal offenses.
The Swedish police plan to integrate facial recognition into their daily operations by leveraging a database containing over 40,000 facial images of individuals who have been detained or arrested. This technology enables law enforcement to quickly compare these images with footage from closed-circuit television (CCTV), streamlining the process of identifying suspects and potentially speeding up investigations​.
Why does it matter?
The deployment of FRT by Swedish police is governed by stringent regulations to ensure compliance with both national and EU data protection laws, aligning with Sweden’s Crime Data Act and the EU’s Data Protection Law Enforcement Directive (GDPR). This compliance is crucial to addressing concerns about privacy and civil liberties, which are often raised in discussions about surveillance technologies​. The adoption of FRT in Sweden comes as part of a broader trend within Europe, where several countries are exploring or have already implemented similar technologies. For example, Dutch police utilize a substantial biometric database to aid in their law enforcement efforts.
Denmark has raised its threat level for destructive cyber attacks from ‘low’ to ‘middle’ due to growing threats from Russia, the Danish Centre for Cyber Security (CFCS) announced on Tuesday. The new level, three on a five-level scale, indicates that while there are actors with the intention and capacity to carry out attacks, there are no specific indications of planned activity.
Defense Minister Troels Lund Poulsen highlighted the increased willingness of Russia to challenge NATO countries through various means, including sabotage and cyber attacks. Despite the heightened cyber threat, Poulsen emphasised that there is no direct military threat to Denmark, based on Danish Defence Intelligence Service assessments.
Smith highlighted that while AI-generated fakes have been increasingly used in elections in countries like India, the United States, Pakistan, and Indonesia, the European context appears less affected. For instance, in India, deepfake videos of Bollywood actors criticising Prime Minister Narendra Modi and supporting the opposition went viral. In the EU, a Russian-language video falsely claimed that citizens were fleeing Poland for Belarus, but the EU’s disinformation team debunked it.
Ahead of the European Parliament elections from June 6-9, Microsoft’s training for candidates to monitor AI-related disinformation seems to be paying off. Despite not declaring victory prematurely, Smith emphasised that current threats focus more on events like the Olympics than the elections. This development follows the International Olympic Committee’s ban on the Russian Olympic Committee for recognising councils in Russian-occupied regions of Ukraine. Microsoft plans to release a detailed report on this issue soon.
Poland has announced plans to allocate over 3 billion zlotys ($760 million) towards strengthening its cybersecurity measures following a suspected Russian cyberattack on the state news agency PAP. The attack, which authorities believe originated from Russia, has raised concerns ahead of the European Parliament elections in Poland. These fears escalated after a false article about military mobilisation appeared on PAP, prompting heightened vigilance against potential interference from Moscow.
Krzysztof Gawkowski, Poland’s digitalisation minister, emphasised the country’s commitment to defending against cyber threats, describing Poland as being on the frontline of the cyber fight against Russia. Gawkowski revealed that Poland had thwarted several cyber attacks on critical infrastructure over the weekend, underscoring the urgency of bolstering cybersecurity measures in the face of ongoing threats.
Amid accusations of Russian attempts to destabilise Poland, the Russian embassy in Warsaw has denied knowledge of the cyberattack on PAP and dismissed allegations of Russian interference. However, Poland has cited incidents of sabotage and arson on its soil, linking them to Russia. Additionally, Polish authorities assert that Russian secret services are actively gathering information on weapons deliveries to Ukraine following Russia’s invasion in February 2022. In response, Poland has announced the re-establishment of a commission to investigate Russian influence, highlighting the country’s efforts to address security concerns and safeguard against external threats.
Cyber-attack can be the act of war. According to the chair of NATO’s military committee, Admiral Rob Bauer,
‘In NATO, we have agreed amongst all allies that, in principle, a cyberattack can be the start of an Article 5 procedure’,
which is a collective defence clause of the North Atlantic Treaty, stating that an armed attack against one or more of the member states is considered an attack against all.’
Admiral Bauer emphasized in his statement at the Shangri-La Dialogue, an annual security conference run by the International Institute for Strategic Studies (IISS) in Singapore, that
‘you come close to the point where you will act upon it in a way that is close to acting on a physical attack.’
It is the major development in ongoing legal and policy debate if countries can take military self-defence actions in the case of cyber-attacks.
In the UN Cybersecurity debates, this discussion is centred around the use of self-defence, according to Article 51 of the UN Charter.
Cyberattacks as triggers for real-life war will open entirely new dynamics in the digital field with far-reaching consequences of applying existing law, protecting critical infrastructure, assuming the responsibility of states for cyber activities on their territory, and regulating tech platforms and other digital actors.
