The supply of defibrillator products and other medical equipment to the NHS has been affected by a cyber attack carried out by a pro-Iran group.
A hacktivist group linked to Iranian intelligence, named Handala, breached US MedTech firm Stryker’s IT systems on 11 March, causing orders of mouth swabs and defibrillators to UK hospitals to be paused.
Handala alleged on Telegram that it had carried out a destructive “wiper” attack on Stryker in response to the bombing of a primary school in Minab, Iran by the US last month which killed 168 people, most of them children.
The group claimed it wiped data from more than 200,000 systems and stole around 50 terabytes of internal information, but this has not been independently verified.
In a notice to customers, NHS Supply Chain said that four defibrillator products and three oral swabs, used for diagnosing infections and collecting samples, were subject to “control demand management”, which enables NHS bosses to have full control of the allocation of these products where supplies are severely restricted.
“NHS Supply Chain have continued to work with Stryker over the weekend to minimise disruption from the cyber attack as the company seeks to restore its IT systems.
“Our focus continues to be to maintain supply to allow the system to continue to operate as normal. Further guidance on product availability and ordering will be provided as soon as possible,” it adds.
In a statement on its website, published on 13 March, Styrker said: “Stryker is responding to a global network disruption to our Microsoft environment as a result of a cyber attack.
“We have no indication of ransomware or malware and believe the incident is contained.”
It adds that the incident has “caused disruptions to order processing, manufacturing and shipping”.
Stryker said that it was working to restore its systems and has implemented business continuity measures to support its customers and partners.
“Our investigation into the nature and scope of this incident remains ongoing and is in its early stages. We are collaborating with law enforcement and our government agency partners to share meaningful intelligence about this incident as we learn more,” it adds.
In an update on 15 March, Stryker said that the incident had been contained, and the restoration process was “progressing steadily”.
NHS Supply Chain has set up an incident team to manage the disruption and is collaborating with NHS England and the Department of Health and Social Care, who have engaged with the National Supply Disruption Response team to formulate a system wide response.
Commenting on the incident, Dr Saif Abed, founding partner and director at The AbedGraham Group, told Digital Health News: “Critical suppliers to the NHS are collateral damage as a part of modern warfare and geopolitics.
“The extent to which NHS organisations and, especially, suppliers are ready to deal with a heightened threat of cyber-disruption to patient safety is questionable.
“Now, more than ever, we need political leadership to launch a national review into NHS cyber security, resiliency and patient safety so we can benchmark event preparedness.”
