It has been determined that a cyberattack on a significant NHS IT provider was a ransomware attack.
According to Advanced, which offers digital services like patient check-in and NHS 111, a full recovery might take three to four weeks.
Hackers using ransomware seize control of IT systems, steal data and then demand money from victims to unlock the system.
Although the NHS says that there has been the little impact, Advanced would not confirm whether any NHS data had been stolen.
The Birmingham-based company claims it discovered the intrusion on August 4 at 07:00 BST and moved quickly to confine the perpetrators. As of right now, services are being restored.
The business refused to specify whether it was negotiating with hackers or paying them a ransom.
The company said in a statement that it was rebuilding and restoring affected systems in a separate and secure environment.
In light of the “major technical difficulty,” NHS England alerted family doctors in London at the end of the previous week that they would experience an increase in the number of patients referred to them by NHS 111.
Caresys and Care notes, which serve as the foundation for care home services like patient notes and visitor booking, as well as Adastra, which is utilised by the NHS 111 service, have all been impacted.
The GCHQ-affiliated National Cyber Security Centre claims to be assisting Advanced in its recovery.
According to a spokesman, ransomware is the main cyber threat that the UK is currently dealing with. All organisations should take immediate action to reduce risk by following our guide on how to set up effective defences to protect their networks.
Hackers who target businesses with ransomware are typically motivated by money and are part of sizable, professionally run criminal organisations. They demand hundreds of thousands or even millions of pounds in cryptocurrencies like Bitcoin as ransom.
While it might be challenging to pinpoint the locations of the gangs, data reveals that 74% of the proceeds from ransomware attacks in 2021 went to hackers with ties to Russia.