Ransomware Group

Qilin

Also known as: Agenda

Status: active • First seen 2022-08200+ known victims

Qilin attacked hospital laboratories in the UK, stopping blood tests and other medical tests. This put patients at risk and showed how dangerous ransomware attacks on healthcare can be.

Overview

Qilin is a ransomware-as-a-service operation that has targeted critical healthcare infrastructure. The group gained notoriety for disrupting UK NHS hospital pathology services in 2024.

Target Industries

Healthcare, Technology, Government, Critical Infrastructure

How They Attack

  • RaaS model
  • Double extortion
  • Cross-platform targeting
  • Healthcare disruption

Notable Victims

Synnovis/NHS (2024), Technology companies

Is your business exposed?

How to Protect Against Qilin

  1. 1.

    Implement healthcare-specific cybersecurity protocols

  2. 2.

    Ensure critical healthcare systems have offline backups

  3. 3.

    Deploy network segmentation for lab systems

MITRE ATT&CK Techniques

T1486, T1567, T1078, T1021

Related Groups

Blackcat, Lockbit

Is your business exposed?

Check if your company data is circulating on the dark web

Free scan • No credit card required

Privacy PolicyYour Privacy Choices