14, May 2021
Ireland’s health authority said Friday it had shut down its computer systems after experiencing a “significant ransomware attack”, a week after the largest US fuel pipeline network was also targeted.
The Irish attack was blamed on international criminals and was said to be targeting healthcare records.
Officials said patient safety was not at risk however the Health Services Executive (HSE) said it is currently unable to make referrals for coronavirus testing.
Government minister Ossian Smyth told RTE it is “possibly the most significant cybercrime attack on the Irish State”, calling it an “international attack” but “not espionage”.
“These are cyber criminal gangs, looking for money,” he told Ireland’s state broadcaster.
Shut down all IT systems
The HSE said it shut down all its IT systems as a precaution but said the country’s coronavirus vaccination programme was unaffected, as were emergency service calls.
But the referral system used to book Covid-19 tests was down.
Health minister Stephen Donnelly said the attack was having a “severe impact” but “individual services and hospital groups are impacted in different ways”.
On Twitter he claimed that “Covid-19 testing and vaccinations are continuing as planned”.
Liz Canavan, a top official in prime minister Micheal Martin’s office, said the outage was also affecting child protection services, which are hosted on HSE servers.
She urged people needed urgent treatment to attend hospital as normal but HSE chief operations officer Anne O’Connor warned of disruption if the outage continued.
“If this continues to Monday we will be in a very serious situation, and we will be cancelling many services,” she said.
Another ransomware attack last Friday forced the shutdown of the United States’ largest fuel distribution system, leading to some panic buying at gasoline stations along the east coast.
Moscow has rejected US accusations that a Russia-based group was behind the cyberattack.
Ransomware attacks use a type of malware that encrypts files on an infected computer, normally via an email attachment or download, and demands money to unlock them.
“We are at the very early stages of fully understanding the threat,” said HSE chief executive Paul Reid.
The authority was working with police, the army and its major IT security providers to “contain” the attack, he added.
The Rotunda maternity hospital in Dublin said that “due to a serious IT issue”, it was only admitting emergency cases and women who are at least 36 weeks pregnant.
Hospital chief Fergal Malone said the attack had targeted computers storing patient records.
Life-saving equipment is operating fine, “there’s no problem for patient safety”, and the hospital has switched to backup paper records, he told RTE.
“But obviously throughput will be much slower,” he said, urging out-patients with routine appointments to stay away.
The HSE said the attack was an adaptation of ransomware known as “Conti”, in which hackers have already compromised a computer system and lie low until springing their trap.
Health care institutions have been frequent victims of ransomware attacks. In Los Angeles, Hollywood Presbyterian Medical Center revealed in 2016 it paid $17,000 to hackers to decrypt important data.
Last October, it emerged that the then-CEO of Finnish company Vastaamo had covered up a data breach that exposed the confidential treatment records of tens of thousands of psychotherapy patients.
Many patients reported receiving emails with a demand for 200 euros ($240) in bitcoin to prevent the contents of their discussions with therapists being made public.
In 2017, the United States and Britain blamed North Korea for the “WannaCry” ransomware attack that infected some 300,000 computers in 150 countries, including one-third of British hospitals.
Britain’s Foreign Secretary Dominic Raab this week called for a global effort to counter online threats as he slammed countries including Russia, China, Iran and North Korea over cyberattacks.
Authoritarian states “are the industrial-scale vandals of the 21st century”, he said.