St Thomas’, including the Royal Brompton and the Evelina London Children’s Hospital, is among the affected trusts
It applies to hospitals partnered with Synnovis - a provider of pathology services.
King's College Hospital, Guy's and St Thomas' - including the Royal Brompton and the Evelina London Children's Hospital - and primary care services are among those affected.
The incident has had a "major impact" on the delivery of services, especially blood transfusions and test results.
It is thought to have happened on Monday, meaning some departments could not connect to a main server.
Some procedures have been cancelled or have been redirected to other NHS providers as the hospitals try to establish what work can be carried out safely.
The NHS said emergency care continued to be available.
GP services across Bexley, Greenwich, Lewisham, Bromley, Southwark and Lambeth boroughs have also been affected.
A spokesperson from Synnovis said the company had sent in a "taskforce of IT experts" to "fully assess" the impact.
The NHS apologised for the inconvenience and said it was working with the National Cyber Security Centre to understand the impact.
'Go home and wait'
One patient, Oliver Dowson, 70, was prepared for an operation from 06:00 at the Royal Brompton. He was told by a surgeon at about 12:30 that it would not be going ahead.
"The staff on the ward didn't seem to know what had happened, just that many patients were being told to go home and wait for a new date," he said.
"I've been given a date for next Tuesday and am crossing my fingers.
"It's not the first time that they have cancelled, but that was probably staff shortages in half-term week."
Vanessa Welham from Streatham, south-west London, said her husband's blood test at Gracefield Gardens health centre was cancelled on Monday evening.
"My husband received a text message last night advising his appointment this morning had been cancelled due to circumstances beyond their control, and that all major south London hospitals are unable to take any bookings for an indefinite period of time.
"He went on to the Swift website and made a new appointment - the earliest available was June 17, but that's probably questionable."
'Incredibly sorry'
A spokesperson for NHS England London region confirmed Synnovis was the victim of a ransomware cyber attack.
"Emergency care continues to be available, so patients should access services in the normal way, and patients should continue to attend appointments unless they are told otherwise," they said.
"We will continue to provide updates about the impact on services and how patients can continue to get the care they need."
A spokesperson for Synnovis said: "We are incredibly sorry for the inconvenience and upset this is causing to patients, service users and anyone else affected.
"We are doing our best to minimise the impact and will stay in touch with local NHS services to keep people up to date with developments."
'Harsh reminder'
The spokesperson added it had "invested heavily" in "ensuring our IT arrangements are as safe as they possibly can be".
"This is a harsh reminder that this sort of attack can happen to anyone at any time and that, dispiritingly, the individuals behind it have no scruples about who their actions might affect.
"The incident is being reported to law enforcement and the Information Commissioner, and we are working with the National Cyber Security Centre and the Cyber Operations Team."
Cyber security expert Steve Sands, from the Chartered Institute for IT, said ransomware threat was now an "ever-present danger to critical institutions from schools to hospitals".
He added: "Of course, the perpetrators have no conscience, and they will attack any organisation whose cyber defences are not sufficiently robust.
"We need to ensure that all public sector organisations have contingency plans in place to manage cyber attacks, that staff are regularly trained on risk and there is sufficient investment in software resilience.
"Whoever forms the next government needs to make sure the NHS has this resource and that it is spent correctly, to ensure that lives are not put at risk."
The government said it was providing support
Prof Awais Rashid, head of the Bristol Cyber Security Group at the University of Bristol, said digital infrastructures were often a complex combination of many different systems and third-party service providers.
"Hence, cyber-attacks can have significant and substantial cascading impacts as we are seeing in this unfolding situation where critical health services are being impacted."
A government spokesperson said patient safety was its priority and support was being provided to the company.
"We are working [with Synnovis] to minimise the impact on services for a number of NHS organisations in south-east London."
Comment: Whilst the WEF and its partners began 'warning' of a looming 'cyberpandemic' a few years ago, in just the last year, the number of cyber-attacks against critical infrastructure and services, from emergency telecoms, hospital IT networks, to government voting systems, appears to have surged.
These are perhaps more notable than those against private corporations, which also appear to be on the rise, because there doesn't always appear to be an obvious financial incentive.
It's perhaps no coincidence that, amidst these developments, Admiral Rob Bauer recently stated that NATO could consider a cyberattack cause for initiating Article 5, its collective defence clause, thus possibly paving the way for the mobilisation of forces against an alleged attacker; this, despite it being well known that it's notoriously difficult to prove who's responsible.
It doesn't seem a stretch to consider that NATO could use a cyberattack as justification for aggression against their desired target nations (Russia, China, Iran), despite the US and Israel being infamous for cyberwarfare and false flags.
However, as the cyberattacks on emergency services show, even without Article 5, they can be deployed to achieve other objectives, such as simply sowing chaos and terrorising people. And, recently, UK officials have been warning of just this possibility:
- UK Deputy PM urges people to stockpile 3 days' worth of food amid 'fears of prolonged power cuts, cyber attacks and floods'
- 'Technical issue' causes stocks to plummet 99% on New York Stock Exchange; major outage at Czech Post services
- French state services hit by cyberattacks of 'unprecedented intensity'
See also:- Cyberattacks take down Canadian medical software provider, China's Wuhan earthquake monitoring service (27th July)
- Norway's government ministries hit by 'extremely serious' cyber attack (25th July)
- Cyberattack on major energy company disrupts supply at gas stations in Canada (27th June)
- UK telecoms missed nearly 11,500 emergency calls during weekend 999 outage (Jun)
- Sweden parliament hit by denial-of-service cyber attack as Nordic leaders prepared to meet with Zelensky in Finland (4th May)
- 'Computer glitch' hits Paris airport's border control causing long delays (4th March)
Another from today: