Attacks on Availability: A Growing Threat to Critical Infrastructure
Ransomware attacks focused on the availability of systems are gaining a lot of popularity
as very serious attack vectors of disruption, especially in the healthcare sector. A June 2024
attack on Synnovis, which provides pathology services to several hospitals in London, knocked
out major critical systems and made patient care and hospital operations highly untenable
(Computer Weekly, 2024).
What Is an Attack on Availability?
An “attack on availability” is any cyber attack aimed at interrupting or blocking access to
data, systems, or services for users who are authorized users. This refers to direct attacks on the
availability aspect of the CIA triad: Confidentiality, Integrity, Availability, for all practical
purposes, a cornerstone of cybersecurity. Distributed Denial of Service (DDoS) attacks and
ransomware are some of the most prevalent threats in this definition, as their end goal is to shut
down operations and will request a ransom or cause, in prolonged outages, where it is just
system-wide.
Recent Example: Synnovis Ransomware Attack
The cybercriminal outfit known as Qilin ransomware, which reportedly has affiliations to
Russia, launched a crippling cyberattack on Synnovis in June 2024 (Topham, 2024). Synnovis is
a pathology services provider for the National Health Service (NHS). From that moment
onwards, the main operation of the company was determined by the failure of its IT system,
which became prone to blocked files and extortion relating to the restoration of access to those
encrypted files.
Massively impacted during the cyberattack were the pathology services across
major NHS hospitals in London, namely, Guy’s and St Thomas’ and King’s College Hospital.
More than 6,000 outpatient appointments and surgeries were called off, while critical services,
such as blood transfusions, were either paused or postponed. Emergency care was still rendered,
but not without a strain, with several long-term operational challenges triggered by the resulting
backlog (The Guardian, 2024).
Consequences and Prevention
It has far-reaching implications: these attacks threaten the safety of patients, financial
stability, and public trust. Late treatment in such cases can often be fatal. Organizations should
install strong defenses against attacks through regular backups, training employees, and
rehearsing incident response plans.
Conclusion
Attacks focusing on availability threats, particularly ransomware, are threatening
organizations’ very existence more so today than ever. The proactive approach to cybersecurity
decreases these risks and guarantees access to critical business systems.
References
Computer Weekly. (2024). NHS Trusts cancelled over 6,000 appointments after Qilin cyber
attack. Retrieved from
https://www.computerweekly.com/news/366593892/NHS-Trusts-cancelled-over-6000-ap
pointments-after-Qilin-cyber-attack
The Guardian. (2024). Hacked London NHS hospitals data allegedly published online. Retrieved
from
https://www.theguardian.com/society/article/2024/jun/21/hacked-london-nhs-hospitals-da
ta-allegedly-published-online
Topham, G. (2024, June 5). Who are Qilin, the cybercriminals thought to be behind the London
hospitals hack? The Guardian.
https://www.theguardian.com/technology/article/2024/jun/05/who-are-qilin-the-cybercri
minals-thought-behind-the-london-hospitals-hack