28 NHS Trusts And 23 Universities Hit By Ransomware Attacks In Last Year, Surveys Find

The software locks down computer systems before issuing a ransom demand.

Cybercriminals are increasingly targeting British hospitals and universities with ransomware attacks, two new studies have found.

NCC Group revealed that 28 of 60 NHS Trusts had been hit in the last year, while 31 declined to respond to Freedom of Information requests (FOI), many citing patient confidentiality.

Sentinel One, another cybersecurity firm, found that 23 of 58 universities had been hit, with 13 declining to reply to the FOI.

Ransomware attacks, which are often delivered via emails, websites and apps, restrict access to computer systems and issue a ransom demand.

Bournemouth University revealed it was hit 21 times in the last year by the malicious software.

The university told the BBC: “It is not uncommon for universities to be the target of cybersecurity attacks; there are security processes in place at Bournemouth University to deal with these types of incident.”

The BBC reported that the attacks had no impact on the university’s activity.

None of the universities said it had paid the ransom fee, but the value of ransoms ranged between £77 and £2,299 (five bitcoins).

Ollie Whitehouse, technical director at NCC Group, said: “In the past the ransomware writers were sometimes quite careless and there was often a way to retrieve files. However, they have improved their capabilities and data retrieval is usually no longer an option. It makes preparation even more important.”