On Thursday 4th of August 2022, Advanced, a British managed service provider (MSP) suffered a ransomware attack that occurred in the early morning. The incident resulted in seven of the solutions that Advanced offer being impacted. One of Advanced’s main customers was United Kingdom’s National Health Service (NHS) where emergency services (111) were disrupted due to the incident.
When the incident was identified on Thursday morning, Advanced took immediate action to mitigate the risk and isolated Health and Care environments where the incident was detected. Advanced is now working with forensic experts from Microsoft DART and Mandiant, who are also helping bring the affected systems back online securely.
After the initial response, Advanced stated that it would restore connectivity to its environments and assist customers to gradually reconnect safely and securely. Although some of the Advanced solutions would take at least three to four weeks to reconnect.
No further details about the incident have been shared including how the threat actors gained access to the network, who was responsible for the attack and if data was stolen. This is because the investigation of the incident is still ongoing.
© 2021 CyberEnsō – Nihon Cyber Defence Co., Ltd. All Rights Reserved.