Irish Health Service Shut Down by 'Significant' Ransomware Attack

In an increasingly worrying trend, yet another vital public service has been shut down by hackers.

| May 14, 2021 11:09 AM EST

Created: May 14, 2021 11:09 AM EST

Ireland's health service shut down its IT system today, May 14, as a temporary measure following a "significant ransomware attack," the service stated in a post on social media.

The news comes within days of another high-profile ransomware attack leading several US states to call an emergency over the shutdown of a crucial fuel pipeline.

A 'severe impact' on Ireland's health services

Despite the reassurance over Ireland's ambulance services, Ireland's health minister, Stephen Donnelly, wrote on Twitter that the ransomware attack was having "a severe impact on [the] health and social care services".

This is having a severe impact on our health and social care services today, but individual services and hospital groups are impacted in different ways. Emergency services continue, as does the @AmbulanceNAS. Updated information will be available @HSELive throughout the day.
— Stephen Donnelly (@DonnellyStephen) May 14, 2021

Donnelly also noted that "COVID-19 testing and vaccinations are continuing as planned today."

As the BBC reports, Dublin's Rotunda Hospital has canceled outpatients visits, citing a "critical emergency." At least five other hospitals in Dublin and other parts of Ireland, including the midwest, also released statements noting that appointments were either canceled or delayed.

No ransom demand so far

Ransomware attacks typically see hackers gain access to sensitive files and demand a ransom in order to return the files to their rightful owners without deleting them. Hackers can grind entire public service systems to a halt by essentially commandeering entire IT infrastructures.

In an interview with Ireland's RTÉ News, HSE chief executive Paul Reid explained that the attack targeted data stored on central servers and the HSE is yet to receive a ransom demand from the attackers.

There is a significant ransomware attack on the HSE IT systems. We have taken the precaution of shutting down all our our IT systems in order to protect them from this attack and to allow us fully assess the situation with our own security partners.
— HSE Ireland (@HSELive) May 14, 2021

Reid described the attack as "significant and serious" and stated that the HSE had the support of cybersecurity experts from the gardai (Irish police), the defense forces, as well as third-party cybersecurity professionals.

Growing concerns over ransomware attacks targeting public services

There is an increasing concern over ransomware attackers that threaten to bring entire public services to a grinding halt if they don't get paid. As a reference, the recent Colonial Pipeline attack was described by energy researcher Amy Myers as "the most significant, successful attack on energy infrastructure we know of in the United States."

It has recently emerged that Colonial Pipeline, the operator of the US fuel pipeline that was shut down after a ransomware attack on May 7, reportedly paid $5 million to hackers in the early stages of the attack.

HSE Chief Executive Paul Reid explains "significant and serious" ransomware attack on the HSE systems I Read more: https://t.co/Hargf2sawg pic.twitter.com/XLtanLPJz8
— RTÉ News (@rtenews) May 14, 2021

A global cybersecurity survey by Sophos recently revealed that the average ransomware recovery cost has doubled in the last year, reaching $2 million. The same report stated that only 8 percent of organizations actually had all of their data returned to them after paying a ransom.