tilialucida - stock.adobe.com

Irish health service hit by major ransomware attack

IT systems in hospitals across Ireland have been switched off following a significant ransomware attack

The Irish national Health Service Executive (HSE) has been forced to shut off all of its IT systems following a major ransomware attack, while it triages and investigates the scale of the incident, causing significant and unavoidable disruption to patient services across Ireland, although Covid-19 vaccine appointments are operating normally.

In a statement, the HSE said: “There is a significant ransomware attack on the HSE IT systems. We have taken the precaution of shutting down all our our IT systems in order to protect them from this attack and to allow us fully assess the situation.”

The services’ chief exec Paul Reid told RTÉ’s Morning Ireland show the attack was significant and serious, and said the HSE is working alongside Ireland’s National Cyber Security Centre, the Garda, and its security partners on the initial investigation.

“We do apologise for the impact that it’s had, but we are at the very early stages of fully understanding the threat, the impact, and trying to contain [it],” said Reid.

At the time of writing, the strain of ransomware involved in the incident had not been disclosed, and nor has the HSE given any indication that it has entered into negotiations with those responsible.

Nominet’s Steve Forbes said that if there had been any doubt that malicious actors were escalating their attacks on critical national infrastructure (CNI), the past few days have proved it twice over. “National healthcare services are already under strain from the pandemic, which will make this ransomware attack even more devastating,” he said.

“That fact will not be lost on the hackers – the attacks on Colonial and the Irish health care system both demonstrate that criminal groups are choosing targets that will have the greatest impact on governments and the public, regardless of the collateral damage, in order to apply the most leverage. It is an increasingly alarming pattern of criminal behaviour.”

Read more about healthcare security

  • As healthcare organisations face an onslaught of ransomware attacks, channel partners can assist with security initiatives such as zero-trust architectures to prevent breaches.
  • A £500,000 funding pot from the government aims to help support small and mid-sized healthcare firms during the pandemic.
  • Healthcare IT and security administrators must understand the evolving challenges of protecting healthcare IoT devices and data to keep patients safe.

Qualys CISO Ben Carr said the innate characteristics of healthcare organisations make them uniquely vulnerable to such attacks. “Ransomware will continue to impact the healthcare sector, where bad actors have concluded that the threat to life makes this sector more likely to pay,” he said.

“Ransomware has also been quite successful against municipal governments, and this is also because there is an increasing perception that bad actors will get paid when systems can’t be allowed to go down.”

The HSE had previously been warned over its cyber security posture after it was reported at the end of 2020 that thousands of its computers were still running out of date software.

According to RTÉ, the health service spent over €1m in 2020 on Microsoft’s Extended Security Update programme to protect its Windows 7 estate.

As of the end of 2020, it allegedly had about 37,000 systems running on the old operating system, for which Microsoft ceased support on 14 January 2020. The HSE said its migration to Windows 10 had been heavily impacted by the pandemic.

Read more on Hackers and cybercrime prevention