Ireland shuts down health IT system after ransomware attack
Ireland’s health authority said Friday it had shut down its computer systems after experiencing a “significant ransomware attack”, a week after the largest US fuel pipeline network was also targeted.
The Irish attack was blamed on international criminals and was said to be targeting healthcare records, but officials said patient safety was not at risk.
And Irish premier Micheal Martin was pressing ahead with a visit Friday to Britain to meet Prime Minister Boris Johnson amid tensions over Brexit, Martin’s office said.
“We have taken the precaution of shutting down all our IT systems in order to protect them from this attack and to allow us (to) fully assess the situation with our own security partners,” Ireland’s Health Service Executive (HSE) said.
“We apologise for the inconvenience caused to patients and to the public and will give further information as it becomes available,” it added, stressing Ireland’s coronavirus vaccination programme was unaffected and “going ahead as planned”.
Another ransomware attack last Friday forced the shutdown of the United States’ largest fuel distribution system, leading to some panic buying at gasoline stations along the east coast.
Moscow has rejected US accusations that a Russia-based group was behind the cyber attack.
HSE chief executive Paul Reid said the attack in Ireland was “an internationally operated criminal operation”, and the authority was working with police, the army and its major IT security providers.
“We are at the very early stages of fully understanding the threat,” he told Irish broadcaster RTE, adding it was trying to “contain” the issue.
The Rotunda maternity hospital in Dublin said that “due to a serious IT issue”, it was only admitting emergency cases and women who are at least 36 weeks pregnant.
Ransomware attacks use a type of malware that encrypts files on an infected computer, normally via an email attachment or download, and demands money to unlock them.
Hospital chief Fergal Malone said the attack had targeted computers storing patient records.
Life-saving equipment is operating fine, “there’s no problem for patient safety”, and the hospital has switched to backup paper records, he told RTE.
“But obviously throughput will be much slower,” he said, urging out-patients with routine appointments to stay away.
The HSE said the attack was an adaptation of ransomware known as “Conti”, in which hackers have already compromised a computer system and lie low until springing their trap.
Last October, it emerged that the then-CEO of Finnish company Vastaamo had covered up a data breach that exposed the confidential treatment records of tens of thousands of psychotherapy patients.
Many patients reported receiving emails with a demand for 200 euros ($240) in bitcoin to prevent the contents of their discussions with therapists from being made public.
In 2017, the United States and Britain blamed North Korea for a ransomware attack that infected some 300,000 computers in 150 countries.
The “WannaCry” attack in May 2017 hit one-third of hospitals in Britain, as well as Spanish telecoms company Telefonica and US logistics company FedEx among others.
This week, British Foreign Minister Dominic Raab called for a global effort to counter online threats as he slammed countries including Russia, China, Iran and North Korea over cyberattacks.
Authoritarian states “are the industrial-scale vandals of the 21st century”, he said in a speech.
“They want to undermine the very foundations of our democracy,” Raab added, as Britain prepares to host a G7 summit next month.