Ireland’s health care services were temporarily disrupted after being hit by a ransomware attack. The Irish Health Service Executive (HSE) claimed that the attack affected several diagnostic services, disrupted COVID-19 testing operations, and forced hospitals to cancel many medical emergencies.
There is a significant ransomware attack on the HSE IT systems. We have taken the precaution of shutting down all our our IT systems in order to protect them from this attack and to allow us fully assess the situation with our own security partners.
— HSE Ireland (@HSELive) May 14, 2021
Zero-Day Attack!
According to Ossian Smyth, Ireland’s minister of e-government and head of the HSE, an international cybercriminal gang is behind the attack. It was found that the attackers exploited an unknown vulnerability in the IT systems that led to a Zero-Day attack, affecting IT systems services at all local and national health care facilities. While the attack may potentially affect sensitive information stored on central servers, health care officials stated that there was no sign of misuse of any patient data or connected medical equipment.
“These are cybercriminal gangs, looking for money. What they’re attempting to do is to encrypt and lock away our data, and then to try to ransom it back to us for money. It’s widespread. It is very significant, and possibly the most significant cybercrime attack on the Irish State,” Smyth said.
Patients – The Primary Victims
The attack primarily affected several patients who needed medical attention as the majority of the hospitals canceled all appointments.
Rotunda Critical Emergency
Due to a serious IT issue all outpatient visits are cancelled today – unless you are at 36 weeks pregnant or later. All gynae clinics are cancelled today.
If you have any urgent concerns please attend as normal.Further updates will follow.
— The Rotunda Hospital (@RotundaHospital) May 14, 2021
No Ransom!
While there was no sign of any ransom demand from cybercriminal groups, the Prime Minister of Ireland Micheál Martin announced that they will not be going to pay any ransom.
Besides, Ireland’s Health Minister Stephen Donnelly stated the attack impacted most health and social care services severely.
This is having a severe impact on our health and social care services today, but individual services and hospital groups are impacted in different ways. Emergency services continue, as does the @AmbulanceNAS. Updated information will be available @HSELive throughout the day.
— Stephen Donnelly (@DonnellyStephen) May 14, 2021
Currently, the health care authorities in the country are working on restoring the IT systems to help patients who are in medical need. “We apologize for the inconvenience caused to patients and the public and will give further information as it becomes available. Vaccinations not affected are going ahead as planned,” HSE said.
What Experts Say…
Commenting on the security incident to CISO MAG, Mathieu Gorge, CEO and Founder of VigiTrust, said, “First hackers attacked a pipeline that directly affects the ability of Southeastern Americans to conduct their daily lives, and now they’ve attacked the Irish health care system in the middle of a pandemic. Their next target could be first responders or the banking system. Criminals see this as just yet another opportunity to strike, without any regard for the impact on human life.”
“What’s most worrying about this is that it has established a trend that you can attack critical infrastructure anywhere and everywhere. And these aren’t necessarily sophisticated attacks by nation-states; they are relatively low-skill attacks with huge consequences exploiting attack surfaces which frankly should be better protected. Clearly, there are deficiencies in our defenses,” Gorge added.
