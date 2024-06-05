Calendar An icon of a desk calendar. Cancel An icon of a circle with a diagonal line across. Caret An icon of a block arrow pointing to the right. Email An icon of a paper envelope. Facebook An icon of the Facebook "f" mark. Google An icon of the Google "G" mark. Linked In An icon of the Linked In "in" mark. Logout An icon representing logout. Profile An icon that resembles human head and shoulders. Telephone An icon of a traditional telephone receiver. Tick An icon of a tick mark. Is Public An icon of a human eye and eyelashes. Is Not Public An icon of a human eye and eyelashes with a diagonal line through it. Pause Icon A two-lined pause icon for stopping interactions. Quote Mark A opening quote mark. Quote Mark A closing quote mark. Arrow An icon of an arrow. Folder An icon of a paper folder. Breaking An icon of an exclamation mark on a circular background. Camera An icon of a digital camera. Caret An icon of a caret arrow. Clock An icon of a clock face. Close An icon of the an X shape. Close Icon An icon used to represent where to interact to collapse or dismiss a component Comment An icon of a speech bubble. Comments An icon of a speech bubble, denoting user comments. Comments An icon of a speech bubble, denoting user comments. Ellipsis An icon of 3 horizontal dots. Envelope An icon of a paper envelope. Facebook An icon of a facebook f logo. Camera An icon of a digital camera. Home An icon of a house. Instagram An icon of the Instagram logo. LinkedIn An icon of the LinkedIn logo. Magnifying Glass An icon of a magnifying glass. Search Icon A magnifying glass icon that is used to represent the function of searching. Menu An icon of 3 horizontal lines. Hamburger Menu Icon An icon used to represent a collapsed menu. Next An icon of an arrow pointing to the right. Notice An explanation mark centred inside a circle. Previous An icon of an arrow pointing to the left. Rating An icon of a star. Tag An icon of a tag. Twitter An icon of the Twitter logo. Video Camera An icon of a video camera shape. Speech Bubble Icon A icon displaying a speech bubble WhatsApp An icon of the WhatsApp logo. Information An icon of an information logo. Plus A mathematical 'plus' symbol. Duration An icon indicating Time. Success Tick An icon of a green tick. Success Tick Timeout An icon of a greyed out success tick. Loading Spinner An icon of a loading spinner. Facebook Messenger An icon of the facebook messenger app logo. Facebook An icon of a facebook f logo. Facebook Messenger An icon of the Twitter app logo. LinkedIn An icon of the LinkedIn logo. WhatsApp Messenger An icon of the Whatsapp messenger app logo. Email An icon of an mail envelope. Copy link A decentered black square over a white square.
Home News UK & World

Who are the Russian cyber gang Qilin?

By Press Association
Experts claim Qilin is behind the attack on a pathology services provider which disrupted a number of London hospitals this week (Dominic Lipinski/PA)
Experts claim Qilin is behind the attack on a pathology services provider which disrupted a number of London hospitals this week (Dominic Lipinski/PA)

A Russian group of cyber criminals known as Qilin were behind a cyber attack that impacted major London hospitals.

Pathology services provider Synnovis, a partnership between SynLab UK & Ireland, Guy’s and St Thomas’ NHS Foundation Trust and King’s College Hospital NHS Foundation Trust, was targeted on Monday, June 3.

The ransomware attack has led to hospitals cancelling operations and tests and being unable to carry out blood transfusions.

But who are Qilin?

Qilin is a Russian cyber gang that runs a ransomware-as-a-service model.

They operate using websites on the dark web, and have a two-year history of attacking organisations across the world.

What is ransomware?

Ransomware is a type of malware. In some cases, hackers use it to bring down systems and prevent users from accessing their devices or the data stored on them, usually by encrypting it.

They will then demand money to decrypt the files.

What other attacks is Qilin thought to be behind?

Qilin has previously targeted publishing and social enterprise group the Big Issue Group.

Reports by Computer Weekly in March suggest the hackers claimed an attack during which the company’s IT systems were broken into and confidential data was stolen.

This included information on staff, such as addresses, passport scans and payroll information.

At the time, Paul Cheal, group chief executive of the Big Issue Group, confirmed some of the data had been posted on the dark web.

In January, reports in Australia suggested Qilin had hacked the systems used by courts in the state of Victoria.

Hackers allegedly gained access to recordings of hearings that occurred between November and December.

Qilin also claimed an attack on Yanfeng Automotive Interiors, a major supplier of car parts headquartered in China, last year.

The files stolen included financial documents, non-disclosure agreements, quotation files and technical data sheets, according to cybersecurity news site Bleeping Computer.

The attack had a knock-on effect on car maker Stellantis, which gets seating and interior components, including electronics, from Yanfeng.

It is understood production was halted at the car maker’s North American plants for the period of time as a result.

How has Synnovis and the NHS responded to the attack?

Some operations and procedures across the hospitals were cancelled or redirected to other providers.

NHS officials said they are working with the National Cyber Security Centre to understand the impact of the attack, while Synnovis said it has been reported to law enforcement and the Information Commissioner.

If a ransom is demanded, will the hackers be paid?

It is understood the Government has a policy of not paying hackers, although the company impacted would be free to pay the ransom if it chose to.