Irish health service hit by cyber attack

[mood]

Irish health service hit by cyber attack

 

COPYRIGHT GETTY IMAGES

 

Ireland's health service has temporarily shut down its IT system after what it described as a "significant ransomware attack".

 

The Health Service Executive (HSE) said it had taken the precaution of closing down its systems to further protect them and assess the situation.

 

Ireland's Health Minister Stephen Donnelly said the incident was having "a severe impact on [the] health and social care services".

 

Emergency services continued, he said.

 

Anne O'Connor of the HSE told Irish broadcaster RTÉ on Friday afternoon that if "this continues to Monday, we will be in a very serious situation and we will be cancelling many services".

"At this moment we can't access lists of people who are scheduled for appointments on Monday, so we don't even know who to cancel," she said.

 

A number of hospitals in the Republic of Ireland are reporting disruption to services.

• Dublin's Rotunda Hospital has cancelled outpatients visits, due to a "critical emergency", unless women are 36 weeks pregnant or later. All gynaecology clinics are cancelled. It said those with any urgent concerns should attend.
• The National Maternity Hospital in Dublin also said there would be "significant disruption" to its services on Friday "due to a major IT issue".
• St Columcille's Hospital in Dublin said some virtual appointments and matters related to electronic records were postponed.
• Children's Health Ireland (CHI) at Crumlin Hospital advised people there were delays and all virtual/online appointments had been cancelled.
• The UL Hospitals Group, which consists of six hospital sites in the midwest, said in a statement that "long delays are expected" for patients attending its services. It said emergency services are still operating and people with an outpatient appointment or scheduled procedure should attend unless they are contacted and "advised otherwise".

 

The HSE is tweeting about what services have been affected.

 

I have been in regular contact with @paulreiddublin this morning about this cyber attack on the @HSELive IT systems. We are working to ensure that the systems and the information is protected. COVID-19 testing and vaccinations are continuing as planned today.

— Stephen Donnelly (@DonnellyStephen) May 14, 2021

 

The BBC is not responsible for the content of external sites.View original tweet on Twitter

 

In a tweet, Mr Donnelly said his department is working to ensure the systems and information is protected.

 

He added that Covid-19 vaccinations and testing would proceed as normal.

'Significant and serious'

Earlier, HSE chief executive Paul Reid told RTÉ's Morning Ireland it is working to contain a sophisticated human-operated ransomware attack on its IT systems.

 

He said that the cyber attack was affecting all national and local systems involved in all core services.

 

Mr Reid described the attack as "significant and serious".

"We are working with all of our major IT security providers and the national security cyber team are involved and being alerted, so that would be the major state supports including gardai [Irish police] the defences forces and third party support teams," he added.

 

There is a significant ransomware attack on the HSE IT systems. We have taken the precaution of shutting down all our our IT systems in order to protect them from this attack and to allow us fully assess the situation with our own security partners.

— HSE Ireland (@HSELive) May 14, 2021

 

The BBC is not responsible for the content of external sites.View original tweet on Twitter

 

Mr Reid said the attack is focused on accessing data stored on central servers.

 

He said it is a major incident, but that no ransom demand has been made at this stage.

 

Computer viruses that threaten to delete your files unless you pay a ransom are known as ransomware.

 

COPYRIGHT RTÉ

captionDublin's Rotunda Hospital has taken the precaution of closing down its IT systems to further protect them

 

Like other computer viruses, it usually finds its way onto a device by exploiting a security hole in vulnerable software or by tricking somebody into installing it.

 

Rotunda Hospital Master Professor Fergal Malone said they had discovered during the night that they were victims of the ransomware attack, which is affecting all of its electronic systems and records.

 

Prof Malone said he believed it could also have affected other hospitals, which was why they had shut down all of their computer systems.

 

Rotunda Critical Emergency
Due to a serious IT issue all outpatient visits are cancelled today - unless you are at 36 weeks pregnant or later. All gynae clinics are cancelled today.
If you have any urgent concerns please attend as normal.

 

Further updates will follow.

— The Rotunda Hospital (@RotundaHospital) May 14, 2021

 

The BBC is not responsible for the content of external sites.View original tweet on Twitter

 

Prof Malone said all patients are safe and the hospital had contingency plans in place so it can function normally using a paper-based system.

 

He added that this would slow down the processing of patients, which is why the hospital was looking to limit the numbers attending appointments on Friday.

 

He said life-saving equipment was in operation and it was computers with healthcare records that have been affected.

 

"We have systems in place to revert back to old fashioned based record keeping," he said.

 

"Patients will come in, in labour, over the weekend and we will be well able to look after them."

 

The child and family agency, Tusla, said its IT systems are not operating as a result of the attack, as the agency is hosted on the HSE network.

 

It said any person wishing to make a referral about a child can do so by contacting the office in their area.

 

The HSE tweeted that the National Ambulance Service is "operating as per normal with no impact on emergency ambulance call handling and dispatch nationally".

'Zone of uncertainty'

Professor Seamus O'Reilly, oncologist at Cork University Hospital, said all of its computers had been switched off due to the cyber attack.

 

He told RTÉ that the HSE had acted quickly, but that it was distressing for patients who are awaiting results and "living in that zone of uncertainty".

 

Prof O'Reilly said cancer care was time dependent on technology and the hospital is anxious to proceed with treatment.

 

Krysia Lynch, chair of the Association for the Improvement in Maternity Services in Ireland, said it was time to ask the HSE if they have patient records stored in a robust way and if they have proper cyber defences for this type of ransomware.

"If they are moving to electronic records for all maternity hospitals they need to have their assurances in place as it is very difficult to have maternity services disrupted in this way."

 

 

Source: Irish health service hit by cyber attack

[mood]

Irish Health Service Says It Will Take Weeks and Tens of Millions of Euros to Get Back Online

 

• The Irish Health Service is not expecting to restore its IT systems soon, and it’s gonna cost a lot.
• Hospitals are now operating in “handwritten notice” mode, and all appointments have been canceled.
• The Conti group also attempted to hit the Department of Health, but their encryption effort failed.

 

 

It’s been a couple of days since the Irish National Cyber Security Center informed the public about a ransomware attack on the public health sector (HSE), and the organization is now in a position to give an estimation of when it’ll get back online. According to the latest information, it will take several weeks to recover from the ransomware attack, and rebuilding all of the affected IT systems will cost the operator tens of millions of euros.

 

The attack was the work of the ransomware group known as “Conti,” which launched the attack on Friday. The HSE responded by shutting down its systems to prevent the malware from propagating to the entire network. Thankfully, the COVID-19 vaccination program wasn’t affected by this incident, but all hospital appointments across the country were canceled. Health Minister Stephen Donnelly made the following statement on Twitter:

 

HUNDREDS OF PEOPLE ARE WORKING FLAT OUT IN RESPONSE TO THIS DESPICABLE CYBER ATTACK ON OUR HEALTH SYSTEM AND ON PATIENTS. WE'RE FOCUSED ON GETTING HEALTH SERVICES AND APPOINTMENTS FOR PATIENTS BACK ON TRACK AS QUICKLY AS POSSIBLE. (1/4)

— Stephen Donnelly (@DonnellyStephen) May 17, 2021

 

HSE’s COO Anne O’Connor told a local broadcaster that some systems are still working, albeit at a very slow pace due to the need to transcribe everything manually. As O’Connor described, hospital personnel is currently running around delivering hand-written results. Also, the official confirmed that the information of some hospitals was compromised, but this will be a matter to be investigated by the data protection office at a later stage.

 

The Irish Government has made it clear that they won’t pay the crooks any money, so there will be no negotiations with Conti. The ransom demand was set to $20 million in Bitcoin, and the threat also involves the leaking of 700 GB of unencrypted files that were stolen in the attack. The actors claim that these files include employee and patient information, payroll details, contracts, financial statements, and more.

 

Interestingly, NCSC’s report claims that Conti attempted to hit the Department of Health first, last Thursday, but they were only able to deploy Cobalt Strike beacons. No encryption ever took place there, and the investigators believe it was the presence of up-to-date systems and security tools that detected the ransomware payload and stopped it from executing. Unfortunately, the HSE systems weren’t protected equally well, and the results of this negligence were catastrophic.

 

 

Source: Irish Health Service Says It Will Take Weeks and Tens of Millions of Euros to Get Back Online