Irish Health Service Shut Down by 'Significant' Ransomware Attack
Ireland's health service shut down its IT system today, May 14, as a temporary measure following a "significant ransomware attack," the service stated in a post on social media.
The news comes within days of another high-profile ransomware attack leading several US states to call an emergency over the shutdown of a crucial fuel pipeline.
Ireland's Health Service Executive (HSE) explained that the country's ambulance service "as per normal with no impact on emergency ambulance call handling and dispatch nationally."
A 'severe impact' on Ireland's health services
Despite the reassurance over Ireland's ambulance services, Ireland's health minister, Stephen Donnelly, wrote on Twitter that the ransomware attack was having "a severe impact on [the] health and social care services".
This is having a severe impact on our health and social care services today, but individual services and hospital groups are impacted in different ways. Emergency services continue, as does the @AmbulanceNAS. Updated information will be available @HSELive throughout the day.— Stephen Donnelly (@DonnellyStephen) May 14, 2021
Donnelly also noted that "COVID-19 testing and vaccinations are continuing as planned today."
As the BBC reports, Dublin's Rotunda Hospital has canceled outpatients visits, citing a "critical emergency." At least five other hospitals in Dublin and other parts of Ireland, including the midwest, also released statements noting that appointments were either canceled or delayed.
No ransom demand so far
Ransomware attacks typically see hackers gain access to sensitive files and demand a ransom in order to return the files to their rightful owners without deleting them. Hackers can grind entire public service systems to a halt by essentially commandeering entire IT infrastructures.
In an interview with Ireland's RTÉ News, HSE chief executive Paul Reid explained that the attack targeted data stored on central servers and the HSE is yet to receive a ransom demand from the attackers.
There is a significant ransomware attack on the HSE IT systems. We have taken the precaution of shutting down all our our IT systems in order to protect them from this attack and to allow us fully assess the situation with our own security partners.— HSE Ireland (@HSELive) May 14, 2021
Reid described the attack as "significant and serious" and stated that the HSE had the support of cybersecurity experts from the gardai (Irish police), the defense forces, as well as third-party cybersecurity professionals.
Growing concerns over ransomware attacks targeting public services
There is an increasing concern over ransomware attackers that threaten to bring entire public services to a grinding halt if they don't get paid. As a reference, the recent Colonial Pipeline attack was described by energy researcher Amy Myers as "the most significant, successful attack on energy infrastructure we know of in the United States."
It has recently emerged that Colonial Pipeline, the operator of the US fuel pipeline that was shut down after a ransomware attack on May 7, reportedly paid $5 million to hackers in the early stages of the attack.
A global cybersecurity survey by Sophos recently revealed that the average ransomware recovery cost has doubled in the last year, reaching $2 million. The same report stated that only 8 percent of organizations actually had all of their data returned to them after paying a ransom.
When the HSE was informed of the ransomware attack at 4 am GMT+1, it decided to shut down its IT system in order to give itself time to assess the situation. There is currently no indication that anyone's private information has been compromised. The HSE stated that any response to a ransom demand will be made with extreme caution. Stay posted for more on this developing story.