01 Jun Irish Luck
Ireland Health Services (HSE), Ireland’s public hospital network, is digging its heels in to avoid paying ransom following a ransomware attack by the Conti group in mid-May causing chaos. Recipients and providers of healthcare in Ireland are in crisis while the hackers are accused of lacking a moral compass.
The crisis response plan for significant IT attacks was immediately implemented but it hasn’t stopped the hackers co-opting patient details and posting them on the dark web. Two weeks later, at the end of May, the HSE Twitter account is advising healthcare users that the HSE are working hard to resolve disruption to services.
All electronic records and systems have been compromised and patient documentation has gone analogue, that is pen and paper recording. Approximately 7,000 outpatient appointments, including maternity consultations for women pre-36 weeks gestation, have been cancelled or postponed which could have dire consequences for preventative medicine.
The HSE estimates over 500 sensitive documents from their servers have been stolen. They have stolen private patient data and corporate material and distributed it widely on digital networks despite the government’s threat to criminalise hacking activities. Although it appears there is no concrete evidence that the stolen material exists online, the threat is heavy. The public have been fielding an influx of phishing calls from HSE services but the HSE say these are fake callers, who are opportunistic, and definitely not the HSE or anyone they believe that has stolen patient data.
In a weird twist, a week after the original attack, the Conti ransomware group offered HSE the decryption tool to fix the software at a cost of USD$20m, saying they would publish private data if the HSE did not get in contact to resolve the issue completely. The HSE has so far called their bluff but they don’t know what Conti intends to do with the stolen data.
The restoration process, updating Microsoft 365 software and stemming disruption to patient care has just begun according to the Irish Times. The Irish Defence Forces have been deployed to help clean up the mess. A mess that looks like it will cost more than €100 million to rectify.
Faster Networks help businesses protect their digital assets. We are a cyber security partner that brings the best software solutions that anticipate and fix digital vulnerabilities. Our areas of expertise includes Vulnerability Management, Security Orchestration Automation and Response (SOAR), Application Security, Infrastructure Security, Distributed Denial of Service (DDoS) Protection and Application Pentesting.