Cyber attack on IT supplier hits two major ambulance trusts
Staff at two UK ambulance providers have been pressured to fall again on conventional analogue programs to hold on working after entry to affected person report programs hosted by a third-party supplier was disrupted in a cyber attack of an undisclosed nature.
The providers in query are the South Western Ambulance Service NHS Foundation Trust and the South Central Ambulance Service NHS Foundation Trust, each customers of MobiMed, a system operated by Sweden-based Ortivus.
Between them, the two providers cowl sufferers throughout a swathe of southern England, from Cornwall to Buckinghamshire, taking in communities together with Bath, Bournemouth, Bristol, Exeter, Milton Keynes, Oxford, Plymouth, Reading, Southampton and Swindon.
Ortivus stated its programs got here underneath attack on the night of Tuesday 18 July, affecting UK buyer programs inside its hosted datacentre atmosphere.
“The electronic patient records are currently unavailable and are until further notice handled using manual systems. No patients have been directly affected. No other systems have been attacked and no customers outside of those in the hosted datacentre have been affected,” stated the organisation’s CEO Reidar Gårdebäck in a statement.
“Ortivus are currently working in close collaboration with the affected customers to restore the systems and recover data. The affected customers are the ones using MobiMed ePR, electronic patient record systems in a hosted environment.”
Gårdebäck stated the group that carried out the cyber attack had not been recognized. The incident has been reported to the required regulation enforcement companies.
The affected service, MobiMed, is described as a “modular platform” to attach and allow real-time info sharing throughout the pre-hospital care chain, and is supposedly in use by over 12,000 paramedics in 2,700 ambulances.
Its modules comprise MobiMed Monitor, a monitoring resolution to measure and share sufferers’ important well being information, comparable to electrocardiogram (ECG) info, in transit; MobiMed ePR, an digital affected person report resolution; MobiMed enRoute, which assists in case administration and car navigation; and MobiMed Life, which is a line of standalone defibrillators. The impacted service is known to be MobiMed ePR.
Ortivus didn’t straight affirm the id of the affected ambulance providers, however had beforehand introduced the transition of each trusts to a brand new internet hosting atmosphere after they renewed their contracts in 2020.
An NHS spokesperson stated: “We are aware of an incident affecting a small number of ambulance services. Our Cyber Security Operations Centre is working with affected organisations to investigate, alongside law enforcement colleagues, and supporting suppliers as they work to reconnect the system.”
Ortivus moreover stated it had been able to restart the service in an interim reside atmosphere inside 48 hours, nonetheless, it was ready for the alternative system to be authorised and verified to make certain it meets the NHS’s strict safety standards. This course of might be considerably time-consuming; following a LockBit ransomware attack on a software program supplier in 2022, affected NHS our bodies took over a month to get again on their toes whereas the rebuild course of was validated and verified by each the NHS and the National Cyber Security Centre (NCSC).
