Health Service Executive ransomware attack
Date | 14 May 2021 |
---|---|
Location | Republic of Ireland |
Type | Cyberattack, ransomware using Conti |
Outcome |
|
On 14 May 2021, the Irish Health Service Executive (HSE) shut down its IT systems nationwide after a cyberattack involving ransomware.[1][2][3][4] The COVID-19 vaccination programme has not been affected by the attack and is proceeding as planned,[5] however the COVID-19 general practitioner and close contact referral system was down, requiring these individuals to attend walk-in sites rather than attend an appointment.[6][1] The ransomware that was supposedly used was the Conti ransomware.[5] The HSE claimed that it was a zero-day-threat and that there was no experience in how to respond to the attack.[7] Minister for Health Stephen Donnelly said the attack had "a severe impact" on health and social care services.[7]
Background
The HSE was alerted to the attack at 4am on 14 May 2021.[8] The attack affected both national and local systems, involved in all core services, with the HSE taking down their IT system in order to protect it from the attack and to give the HSE time to consider options.[9]
Perpetrator & Methodology
The attack has been described as "human-operated" and using a new variant of the Conti ransomware.[8]
The Minister of State for Public Procurement and eGovernment Ossian Smyth stated the group responsible has been identified as a criminal gang operating outside of Ireland; the group name has not been publicly disclosed.[10]
Impact
Some hospitals have described situations where they cannot access electronic systems and records and have to rely on paper records.[11] Some have warned of significant disruption with routine appointments being cancelled, including maternity checkups and scans.[12]
The COVID-19 testing referral system was made offline, requiring individuals with suspected cases to attend walk-in COVID-19 testing centres, rather than attend an appointment.[6] The COVID-19 vaccination registration portal was also made offline, but was later back online in the evening.[13]
The Chief Operations Officer of the HSE Anne O'Connor said that some cancer and stroke services had been affected and said "the situation will be very serious if it continues into Monday". She said that the most serious concerns were with diagnostics, with radiology systems having gone down, affecting CT and other scans from going ahead.[14]
The HSE published a list of impacted services at lunchtime on 14 May 2021 on their website.[15][16]
Hospital disruptions
Response
The HSE is working with the National Cyber Security Centre, An Garda Síochána, as well as various partners, including international ones.[8]
The Minister of State for Public Procurement and eGovernment Ossian Smyth said the attack was international, not espionage, and that "This is a very significant attack, possibly the most significant cyber attack on the Irish State."[17]
A ransom demand of three bitcoin was made, worth approximately 150,000 United States dollars,[18] offering to decrypt data and to not publish "private data"; Taoiseach Micheál Martin stated the ransom would not be paid, with the attack instead being dealt with in a "methodical way".[19][20]
See also
- Colonial Pipeline cyberattack
- WannaCry ransomware attack - which affected the National Health Service in the United Kingdom
References
- ^ a b "Some health service disruption after HSE cyber attack". RTÉ News and Current Affairs. Retrieved 14 May 2021.
- ^ "Irish health service hit by 'very sophisticated' ransomware attack". Reuters. Retrieved 14 May 2021.
- ^ "Irish health service hit by cyber attack". BBC News. Retrieved 14 May 2021.
- ^ "Ransomware attack disrupts Irish health services". The Guardian. Retrieved 14 May 2021.
- ^ a b "Irish Health Service Shuts Down IT System Amid Cyber Attack". Retrieved 14 May 2021.
{{cite web}}
: CS1 maint: url-status (link) - ^ a b Thomas, Cónal. "Covid-19: GP and close contact referral system down, patients advised to attend walk-in centres". TheJournal.ie. Retrieved 14 May 2021.
- ^ a b Burns, Sarah; Clarke, Vivienne; Lally, Conor; Cullen, Paul. "HSE cyber attack 'possibly the most significant' ever on Irish State". The Irish Times. Retrieved 14 May 2021.
- ^ a b c "What we know so far about the HSE cyber attack". RTÉ News and Current Affairs. 14 May 2021. Retrieved 14 May 2021.
- ^ Moloney, Eoghan (14 May 2021). "'Serious and sophisticated' - HSE confirms ransomware cyber attack has hit all hospital IT systems". Irish Independent. Retrieved 15 May 2021.
- ^ Horgan-Jones, Jack; Lally, Conor. "Scale of damage from cyberattack on HSE systems will not be known for days". The Irish Times. Retrieved 15 May 2021.
- ^ Brennan, Colin (14 May 2021). "HSE issues defiant statement after 'significant ransomware attack'". Irish Mirror. Retrieved 15 May 2021.
- ^ Clarke, Vivienne (14 May 2021). "Taoiseach insists Ireland will not pay ransom after HSE cyber attack". BreakingNews.ie. Retrieved 15 May 2021.
- ^ Heaney, Steven; Clarke, Vivienne; Glennon, Nicole (14 May 2021). "Ransom will not be paid to perpetrators of HSE cyber attack". Irish Examiner. Retrieved 15 May 2021.
- ^ Moloney, Eoghan (14 May 2021). "Warning of widespread cancellations for HSE patients if ransomware attack not resolved by Monday". Irish Independent. Retrieved 15 May 2021.
- ^ a b "Appointment and service updates – HSE IT system cyber attack". Health Service Executive (HSE). Retrieved 15 May 2021.
- ^ McDermott, Stephen (14 May 2021). "HSE cyber attack: what services are affected and which ones are still working?". TheJournal.ie. Retrieved 14 May 2021.
- ^ Ní Aodha, Gráinne. "HSE ransomware attack is 'possibly the most significant cyber attack on the Irish State'". TheJournal.ie.
- ^ Woods, Killian. "Hackers of HSE computer system demanded bitcoin ransom worth $150,000". Business Post. Retrieved 16 May 2021.
- ^ Aodha, Gráinne Ní. "HSE confirms ransom has been sought over cyber attack but says it will not be paid". TheJournal.ie. Retrieved 14 May 2021.
- ^ Horgan-Jones, Jack; Burns, Sarah; Lally, Conor; Cullen, Paul. "Bitcoin ransom will not be paid following cyber attack on HSE computer systems". The Irish Times. Retrieved 15 May 2021.