Ireland shuts down health IT system after ransomware attack

Outside Dublin’s Rotunda Hospital as Ireland’s health authority says it has shut down its computer systems after experiencing a “significant ransomware attack”, a week after the largest US fuel pipeline network was also targeted. (Image from AFP video/Agence France Presse)

 

by Joe STENSON
Agence France Presse

DUBLIN, Ireland (AFP) — Ireland’s health authority said Friday it had shut down its computer systems after experiencing a “significant ransomware attack”, a week after the largest US fuel pipeline network was also targeted.

The Irish attack was blamed on international criminals and was said to be targeting healthcare records, but officials said patient safety was not at risk.

“We have taken the precaution of shutting down all our IT systems in order to protect them from this attack and to allow us (to) fully assess the situation with our own security partners,” the Health Service Executive (HSE) said.

“We apologise for inconvenience caused to patients and to the public and will give further information as it becomes available,” it added, stressing Ireland’s coronavirus vaccination programme was unaffected and “going ahead as planned”.

Ireland’s ambulance service is also “operating as per normal with no impact on emergency ambulance call handling and dispatch nationally”, the HSE added.

And Irish premier Micheal Martin was pressing ahead with a visit Friday to Britain to meet Prime Minister Boris Johnson amid tensions over Brexit, aides said.

Liz Canavan, a top official in Martin’s office, said the outage was also affecting child protection services, which are hosted on HSE servers.

But at a televised Covid-19 briefing, she stressed: “Emergency departments are operating as normal and if you need to attend a hospital, please do so.”

Another ransomware attack last Friday forced the shutdown of the United States’ largest fuel distribution system, leading to some panic buying at gasoline stations along the east coast.

Moscow has rejected US accusations that a Russia-based group was behind the cyberattack.

Ransomware attacks use a type of malware that encrypts files on an infected computer, normally via an email attachment or download, and demands money to unlock them.

HSE chief executive Paul Reid said the attack in Ireland was “an internationally operated criminal operation”, and the authority was working with police, the army and its major IT security providers.

“We are at the very early stages of fully understanding the threat,” he told Irish broadcaster RTE, adding it was trying to “contain” the issue.

– ‘Industrial-scale vandals’ –
The Rotunda maternity hospital in Dublin said that “due to a serious IT issue”, it was only admitting emergency cases and women who are at least 36 weeks pregnant.

Hospital chief Fergal Malone said the attack had targeted computers storing patient records.

Life-saving equipment is operating fine, “there’s no problem for patient safety”, and the hospital has switched to backup paper records, he told RTE.

“But obviously throughput will be much slower,” he said, urging out-patients with routine appointments to stay away.

The HSE said the attack was an adaptation of ransomware known as “Conti”, in which hackers have already compromised a computer system and lie low until springing their trap.

Last October, it emerged that the then-CEO of Finnish company Vastaamo had covered up a data breach that exposed the confidential treatment records of tens of thousands of psychotherapy patients.

Many patients reported receiving emails with a demand for 200 euros ($240) in bitcoin to prevent the contents of their discussions with therapists being made public.

In 2017, the United States and Britain blamed North Korea for the “WannaCry” ransomware attack that infected some 300,000 computers in 150 countries, including one-third of British hospitals.

This week, British Foreign Secretary Dominic Raab called for a global effort to counter online threats as he slammed countries including Russia, China, Iran and North Korea over cyberattacks.

Authoritarian states “are the industrial-scale vandals of the 21st century”, he said in a speech.

“They want to undermine the very foundations of our democracy,” Raab added, as Britain prepares to host a G7 summit next month.


© Agence France-Presse