Irish health service hit by 'very sophisticated' ransomware attack
DUBLIN — Ireland’s health service operator shut down all its IT systems on Friday to protect them from a “significant” ransomware attack, crippling diagnostic services, disrupting COVID-19 testing and forcing hospitals to cancel many appointments.
Ireland’s COVID-19 vaccination program was not disrupted as it is on a different system, but the attack was affecting IT systems serving all other local and national health provision, the head of the Health Service Executive (HSE) said.
The HSE shut down the IT systems as a precaution to protect as much information as possible and was assessing how the attack would affect other services, Chief Executive Paul Reid said.
Reid said the cyber attack, discovered in the early hours of Friday morning, was a “human-operated ransomware attack where they would seek to get access to data and seek a ransom for it”.
The HSE had not received a ransom demand “at this stage” and was at a very early point in understanding the threat posed by what Reid described as a “very sophisticated attack”.
“This is having a severe impact on our health and social care services today. Individual services and hospital groups are impacted in different ways,” Health Minister Stephen Donnelly said on Twitter.
Reid said the attack was largely affecting information stored on central servers, not hospital equipment, and that emergency services continued to operate.
While scheduled COVID-19 tests will go ahead as planned on Friday, the HSE said its referrals system was down, meaning anyone else requiring a test must attend walk-in sites which are currently operating in just over half of Ireland’s 26 counties.
Dublin’s National Maternity Hospital said there would be significant disruption to all services on Friday. Another maternity hospital in the capital cancelled all outpatient appointments for the day other than those for women 36 or more weeks pregnant or in need of urgent care.
The state’s child and family agency, Tusla, said its IT systems, including the portal through which child protection referrals are made, are not currently operating.
At Cork University Hospital, the largest in Ireland’s second city, staff arrived to find IT systems paralysed, with all computers switched off.
“Our main concern is patient safety and results that might be outstanding, laboratory data that needs to be available to manage patient care today. It’s very distressing for patients,” Medical Oncologist Seamus O’Reilly told RTE.
Ransomware attacks typically involve the infection of computers with malicious software, often downloaded by clicking on seemingly innocuous links in emails or other website pop-ups. Users are left locked out of their systems, with the demand that a ransom be paid to restore computer functions.
They differ from a data breach or other types of hacking, which may steal large batches of customer data or other information from companies or individuals.