Hospital IT Systems Across Ireland Hit by a Powerful Ransomware Attack
A full-blown ransomware attack has taken down the IT system of every hospital and health center in Ireland, as reported by Paul Reid, CEO of Ireland’s Health Service Executive (HSE) — a government agency in charge of all public health services nationwide. The strike, which turned out to be the Conti Ransomware, has primarily affected the IT infrastructure of The Rotunda, The National Maternity Hospital, and many other health centers, shutting down their email systems, as well. Fortunately, life-saving and surgery equipment has remained intact, and so has the ongoing Covid-19 vaccination program. However, the Covid-19 vaccine registration portal has closed down to prevent the malware from spreading further.
The Extent of the Damage
News about the ransomware attack first broke in the early morning of May 14 through Rotunda Hospital’s official Twitter account. HSE followed suit shortly after. What followed was a shutdown of all IT systems to isolate the breach as much as possible. Health staff have no access to patient records and have had to cancel all non-urgent outpatient appointments and inpatient elective surgeries, except for early infants (less than two weeks of age) and late pregnancies (36 weeks gestation or over). Last but not least, the breach has debilitated the IT systems at Tusla, Ireland’s national Child and Family Agency, as they reside on the same HSE ICT network as every other health center within the country. Authorities have reportedly teamed up with the National Police Service, the Irish armed forces, and private cybersecurity experts to curb the spread of the ransomware and bring everything back to normal.
The Possible Genesis of the Attack
Professor Fergal Malone, Master of The Rotunda Hospital in Dublin, has suggested the breach may have come through HSE's centralized patient registration system because it only hit "information-logging IT systems." Since many hospitals and health centers using HSE's uniform system to register patients are currently unable to get in touch with their patients, Malone's notion may not be that far from the truth. We will follow this story's development as it continues to unfold. What is crystal clear is that many clinicians will now have to go through the ordeal of temporarily switching to paper records, which will inevitably lead to considerably lower patient throughput. Either way, there will be an incredible number of delayed and rescheduled events, operations, and appointments.
Officials Are Adamantly Opposed to Paying the Ransom
Although Conti struck in the early hours of May 14, it was not until a few hours later that the crooks in charge — a group of cybercriminals presumed to have an international background — demanded an undisclosed ransom amount to end the siege of HSE’s national IT infrastructure. Whether or not the required payment is anywhere close to the average ransom amount of EUR 300,000 demanded in other similar attacks across Europe in 2020 is anyone's guess. Nor do we know if the gang at play may have required not one but two ransom payments — one for unlocking the data and another one to prevent accidental leaks on the Web. However, what is not a guess but a firm fact is that HSE officials fully intend to follow the government's policy not to pay any ransom under any circumstances. The organization says it has backed up all of its crucial systems, which, other things being equal, should prove sufficient to restore them to their previous normal state of operation.
Yet Another Wake-up Call
Even if the HSE does have full data backups at hand, its efforts to make a full recovery from the Conti ransomware attack will probably continue through the next few days at least. Moreover, this is not the first time a state institution has fallen victim to a malware campaign. On the contrary, such instances are becoming increasingly common on both sides of the Atlantic (the Colonial Pipeline / DarkSide Ransomware attack in the US comes to mind) and expose just how vulnerable entire industries can be when faced with an army of sophisticated, tech-savvy hackers. Is the time when governments decide to place greater emphasis on cultivating impeccable cybersecurity agencies looming on the horizon?