Irish officials say it will take “many weeks” to fully restore the IT infrastructure of the country’s $25 billion public health system following a ransomware attack last week.
While emergency departments continue to operate normally, Ireland’s Health Service Executive (HSE), as the public health system is known, said Wednesday that patients seeking non-urgent care should expect long delays.
“Work continues today in assessing the impact and beginning to restore HSE IT systems,” the statement said. “This work will take many weeks and we anticipate major disruption will continue due to the shutdown of our IT systems. We should start to see some early signs of recovery in some sites over the coming days.”
The incident, which Irish officials have blamed on a popular strain of ransomware called Conti, has rocked the Irish public health system. One maternity hospital in Dublin told pregnant women not to come to the hospital unless they are near their due date or it is an emergency. The ransomware also disrupted the IT systems of the Irish government agency responsible for child welfare and social services.
“Hospitals are working to get priority systems back online including radiology and diagnostic systems, maternity and infant care, patient administration systems, chemotherapy and radiation oncology,” the HSE said Wednesday.
The Conti ransomware gang has reportedly demanded $20 million to decrypt HSE computers, but Irish Prime Minister Micheál Martin has said the government will not pay a ransom.
Recent ransomware threats in Ireland have extended beyond HSE: There was also malicious cyber activity on the network of the Irish Department of Health, the Irish officials have said. Investigators, however, thwarted the hackers’ attempt to execute ransomware “due to the deployment of tools during the investigation,” according to a statement from Ireland’s National Cyber Security Centre.
The Irish government’s refusal to pay off its extortionists comes amid scrutiny of a reported decision by Colonial Pipeline, a major U.S. fuel transporter, to pay a multimillion-dollar ransom following a hack earlier this month. U.S. lawmakers and security experts have criticized Colonial Pipeline for not sharing more details on the reported ransom, saying it makes it harder to address the ransomware problem.