Mark Galeotti Mark Galeotti

Who are the Russian NHS hackers?

What do you do if you’re a modern state and need extra capacity in a hurry? You outsource. And if you’re also a kleptocracy, to whom can you turn for this? Criminals. It’s not clear whether Qilin, the Russian hacker group behind the recent attack on NHS suppliers is run, encouraged, or simply given a pass by the Kremlin, but the growing interpenetration of espionage, subversion and crime is a threat we must recognise.

Qilin, which engages in ‘ransomware’ attacks whereby it locks up a target’s systems until it pays to have them unlocked – £40 million is the demand in this latest attack – has been active since October 2022. The group refuses to discuss its origins ‘for security reasons’, but has been widely linked to hackers in Russia. However, while one US intelligence source told me their view was that ‘this group has direct links with the Russian security services, probably the FSB’ – the notorious Federal Security Service – ‘and may even be run by them,’ the consensus seems to be that it is really just a criminal gang, even if it has tried to give its recent attack a vague political message that it is punishing Britain for not putting ‘a penny on the lives of those who fight on the front edge of free world.’

Mark Galeotti
Written by
Mark Galeotti

Mark Galeotti heads the consultancy Mayak Intelligence and is honorary professor at the UCL School of Slavonic and East European Studies and the author of some 30 books on Russia. His latest, Forged in War: a military history of Russia from its beginnings to today, is out now.

Topics in this article

Comments

Join the debate for just $5 for 3 months

Be part of the conversation with other Spectator readers by getting your first three months for $5.

Already a subscriber? Log in