Ireland’s Health System Forced To Shut Computer Systems After Being Hit By ‘Significant’ Ransomware Attack - Forbes

cicingwos.blogspot.com

Topline

Ireland’s national health service operator was hit by a major ransomware attack that forced it to shut down all of its IT systems, the government agency announced on Friday, adding that its Covid-19 vaccination program remains unaffected.

Key Facts

In a statement issued on Twitter, Ireland’s Health Service Executive (HSE) described the incident as a “significant ransomware attack” on its IT systems and noted that it has shut down all its systems as a precaution to protect them while assessing the situation.

The HSE’s Chief Executive Paul Reid told the country’s national broadcaster RTE that the attack was a “significant and serious” one and the nation’s cybersecurity team have also been alerted.

The attack is focused on accessing data stored on the HSE’s central servers, however, no ransom demand has been made yet, Reid said.

Reid noted that the Covid-19 vaccination program remains unaffected by the issue as it’s run on a separate system.

While the extent of the attack is not yet clear, at least one maternity hospital in Dublin—The Rotunda Hospital—tweeted that it has canceled all outpatient appointments on Friday other than women who are 36 weeks pregnant or in need of urgent care.

An oncologist at a hospital in Cork told RTE that all of the hospital's computers have been switched off because of the cyberattack and expressed concern about possible disruptions in time-dependent treatments for cancer patients.

Tangent

Prof Malone said the Rotunda learned in the early hours of the morning that its systems had been hit by a Conti ransomware attack. According to cybersecurity firm Sophos, Conti is human-operated and is referred to as a “double extortion” ransomware that steals and threatens to expose information as well as encrypting it. Conti was first discovered in May 2020 and since then, a website called “Conti News” has published data stolen from at least 180 victims.

Key Background

In a ransomware attack, the hacker holds the victim’s data hostage—threatening to either permanently delete it or release it publicly—unless they agree to pay a ransom, often in cryptocurrencies like bitcoin. Last year, several medical institutions across the U.S. were hit by ransomware attacks. Targets included the University of Vermont Health Network with locations in New York and Vermont. At least four hospital chains were also hit by the same attackers including the Sky Lakes Medical Center, with 21 locations in Oregon; Dickinson County Healthcare System in Michigan and Wisconsin; and the St. Lawrence Health System in northern New York. In July, the U.K.’s National Cyber Security Centre (NCSC) along with the DHS’s Cybersecurity Infrastructure Security Agency (CISA) discovered Russian cyber actors were targeting organizations involved in developing a Covid-19 vaccine. In 2017, the British National Health Services (NHS) and several general practitioners in the U.K. were hit by ransomware that used the National Security Agency’s (NSA) leaked WannaCry cyberattack tool.