Stay up to date with notifications from The Independent

Notifications can be managed in browser preferences.

Isis-linked hackers attack NHS websites to show gruesome Syrian civil war images

Exclusive: One analyst, says the hacks 'appear to be deliberately targeted at a British public institution and in particular at an institution dealing with something which affects every member of the public, their health'

Kim Sengupta
Defence Editor
Tuesday 07 February 2017 16:57 EST
Six websites struck by the group called the Tunisia Fallaga Team three weeks ago were in the south-west of England
Six websites struck by the group called the Tunisia Fallaga Team three weeks ago were in the south-west of England (YouTube)

Islamist hackers linked to Isis carried out an attack on a series of NHS websites in a cyber-attack exposing serious flaws in security systems meant to protect sensitive information, The Independent has learnt.

Graphic, brutal images of violence from Syria’s war were put up on the sites by a group based in North Africa which declared it was carrying out the electronic raid in retaliation for the West’s aggression in the Middle East.

This is believed to be the first time that an Isis-linked group has carried out a concerted attack on the NHS.

There was one instance of a health service site infected last year by a hacker who said he was an Islamist, but the new assault is being viewed by security agencies as much more serious and one which may pave the way for other such strikes.

The six websites struck by the group called the Tunisian Fallaga Team three weeks ago were in the south-west of England and ranged from ones dealing with childcare to funding, with the two sites particularly severely damaged.

The Independent has agreed not to give further details due to security considerations.

It is believed that patient data was vulnerable in the attacks, but initial checks do not indicate that any had been compromised. There is no suggestion patient safety was put at risk.

CAUTION: GRAPHIC IMAGES BELOW

Islamist hackers linked to Isis carried out an attack on a series of NHS websites in a cyber attack exposing serious flaws in security systems meant to protect sensitive information, The Independent has learned. The six websites struck by the group called the Tunisia Fallaga Team three weeks ago were in the south-west of England and ranged from ones dealing with childcare to funding, with the most severe damage taking place to two of the sites. The Independent has agreed not to give further details due to security considerations. The hacking comes in the wake of a government warning that the NHS was facing serious risk of cyber attacks, something which was "no longer the stuff of spy thrillers and action movies, but a clear and present threat”. Ben Gummer, Minister for the Cabinet Office , stressed that "large quantities of sensitive data" held by the NHS and the Government is being targeted by hackers.
Islamist hackers linked to Isis carried out an attack on a series of NHS websites in a cyber attack exposing serious flaws in security systems meant to protect sensitive information, The Independent has learned. The six websites struck by the group called the Tunisia Fallaga Team three weeks ago were in the south-west of England and ranged from ones dealing with childcare to funding, with the most severe damage taking place to two of the sites. The Independent has agreed not to give further details due to security considerations. The hacking comes in the wake of a government warning that the NHS was facing serious risk of cyber attacks, something which was "no longer the stuff of spy thrillers and action movies, but a clear and present threat”. Ben Gummer, Minister for the Cabinet Office , stressed that "large quantities of sensitive data" held by the NHS and the Government is being targeted by hackers. (youtube)

The hacking comes in the wake of a Government warning that the NHS was facing serious risk of cyber-attacks, something which was “no longer the stuff of spy thrillers and action movies, but a clear and present threat”.

Ben Gummer, Minister for the Cabinet Office , stressed that ”large quantities of sensitive data“ held by the NHS and the Government is being targeted by hackers.

The Tunisian group along with two other groups, Global Islamic Caliphate and Team System DZ, all connected to Isis, are said to carry out coordinated operations.

As well as airlines and media companies, the groups had broken into the US Central Command's Twitter and YouTube accounts and had published personal details of retired US military personnel.

The Tunisian group had carried out cyber-assaults on a number of countries in the past 18 months, becoming particularly active after the Charlie Hebdo murders in Paris, focusing on organisations which condemned the murders of the journalists.

In November 2015, it showed its reach in the UK with the infection of a Jewish school website in north London.

More images showed scenes from the Syrian civil war
More images showed scenes from the Syrian civil war (youtube)

Around the same time as the Isis-linked assault last month, the Barts Health Trust warned that its four hospitals – Royal London, St Bartholomew’s, Whipps Cross and Newham – were experiencing a virus attack.

This, however, is believed to have been criminal rather than political in nature.

Shocking images show Aleppo before and after the conflict

A Trust spokesman said: “We are urgently investigated this matter and have taken a number of drives offline as a precautionary measure.

"We have tried and tested contingency plans in place and are making every effort to ensure that patient care will not be affected.”

Some of the photos were graphic in nature
Some of the photos were graphic in nature (youtube)

Khaled Fattal, the head of the MLi Group, which specialises in cyber-threat intelligence and security, said: “What happened to the NHS sites shows just how vulnerable some institutions continue to be.

"We have two types of these attacks, criminal and political, driven respectively by motives of profit and ideology.

"The political cyber attacks, what’s called policyber, can be organised by a terrorist group, or inspired by them, with individuals or small groups then carrying out the attacks: very much like physical acts of terrorism

“We don’t think that these attacks on the NHS were random acts. They appear to be deliberately targeted at a British public institution and in particular at an institution dealing with something which affects every member of the public, their health. So of course, this is very worrying.”

Robert Emerson, a security analyst, added: “The cyber-terrorist threat to the NHS will be perceived as psychologically more serious than a purely commercial threat . The Government has acknowledged that the NHS and other public bodies are under threat, it’s a matter now of taking appropriate counter-action.”

A programme of training for students with work placements in security companies and Whitehall departments as well as the possibility for work at GCHQ has been launched with a target of 1,000 to be qualified by 2020.

But the House of Commons Public Accounts Committee accused the Government last Friday of failing to consolidate the “alphabet soup” of agencies supposedly dealing with cyber-attacks.

It claimed that the role of the Cabinet Office, which is responsible for protecting national institutions from hacking, remains confused.

Labour MP Meg Hillier, who chairs the committee, said: “Its approach to handling personal data breaches has been chaotic and does not inspire confidence in its ability to take swift, coordinated and effective action in the face of higher-threat attacks.

"In this context, it should concern us all that the Government is struggling to ensure its security profession has the skills it needs.”

Thank you for registering

Please refresh the page or navigate to another page on the site to be automatically logged inPlease refresh your browser to be logged in