Advanced Ransomware Cyberattack: Cloud MSP Recovery Updates

Advanced, a cloud MSP that hosts and manages healthcare applications, suffered a ransomware attack on August 4 that knocked some NHS  111 emergency healthcare services offline in the United Kingdom.

Advanced has hired Mandiant and Microsoft DART (Detection and Response Team) to perform forensics and "ensure that our systems are brought back online securely with enhanced protections," the cloud MSP stated. However, it may take the entire month of August or so to perform a complete restore, Advanced indicated.

The fallout impacted patient referral systems, ambulance dispatch management, and after-hours patient booking and emergency prescriptions, multiple reports assert.

Related: Google Cloud Acquiring Mandiant

Advanced: UK Cloud Application Provider, MSP Business Details

According to an Advanced FAQ about the cyberattack, the impacted software applications and managed IT services include:

Advanced, backed by private equity firm BC Partners since 2019, is a large, tempting target for hackers, cyberattacks and ransomware groups. The company, based in Birmingham, England, offers ERP (enterprise resource planning), vertical market applications and associated IT services to more than 25,000 customers. Key customers include NHS, Department for Work and Pensions (DWP), London City Airport, Virgin Money, Café Nero, Harvey Nichols, Woodland Trust and Norwich City Council.

CISA, FBI, UK Repeatedly Issue Ransomware Attack Warnings to MSPs

The CISA, FBI and UK authorities have repeatedly warned MSPs about inbound cyberattacks. The latest joint warning, issued in May 2022, included 12 tips to help MSPs reduce ransomware cyberattack threat risks. Separately, Microsoft issued a ransomware cyberattack warning to small businesses and their IT service providers in July 2022.

Blog originally posted August 7, 2022. Updated regularly thereafter with ransomware attack recovery updates.