Advertisement

Irish Prime Minister says government won’t pay ransom after hack forces hospitals to alter services

In at least one case, a doctor said pregnant women were asked to stay home.
Irish Prime Minister Micheál MartinMicheal Martin holds a press conference on July 16, 2020 in Belfast, Northern Ireland. (Photo by Charles McQuillan/Getty Images)

Ireland’s public health care system on Friday shut down its IT systems in response to what it called a “criminal ransomware attack.”

Emergency departments have continued to operate normally, but health officials said in a statement Monday that they were working to get computer systems supporting maternity, infant care and radiology back online.

The ransomware intrusion at Ireland’s Health Service Executive (HSE), the $25 billion public health system, has forced hospitals in various parts of Ireland to alter their services. In some cases, hospital staffers say they have been in touch with pregnant women and encouraged them to not come to the hospital unless they are near their due date.

Irish Prime Minister Micheál Martin has said the government will not pay a ransom.

Advertisement

It was unclear when the HSE systems would be brought back online. Health officials said the network shutdown was temporary to contain the spread of the ransomware.

In the capital of Dublin, the Rotunda Hospital, a maternity care center, has canceled many outpatient visits. And UL Hospital Group, which runs six hospitals in western Ireland, said that most outpatient appointments and elective procedures would go ahead on Monday, but that “non-urgent patients may experience significant delays.”

Fergal Malone, a senior Rotunda Hospital official, said the hospital had to revert to pen and paper and to contact patients via text message.

“We’ve already texted all patients who have appointments today to let them know that, unless they’re over 36 weeks pregnant or unless they have an emergency or a concern about their baby, they probably shouldn’t come to the hospital,” Malone told Irish broadcaster RTE.

Advertisement

The IT systems that Ireland’s Child and Family Agency uses to collect online referrals about child safety were also offline because of the ransomware incident. The agency encouraged people to make referrals by contacting local offices.

The Irish government’s National Cyber Security Centre (NCSC) said that the attackers used Conti, a strain of ransomware that emerged a year ago and has been used in a variety of extortion attempts. The NCSC said it was working with the European Union and other allies to share data on the incident and “ensure that the HSE has immediate access to international cyber supports.”

In addition to the breach of HSE’s networks, there was malicious cyber activity on the network of the Irish Department of Health, the NCSC said. Investigators, however, thwarted the hackers’ attempt to execute ransomware “due to the deployment of tools during the investigation,” according to the statement.

It’s just one of many disruptions that ransomware has caused health services around the world during the coronavirus outbreak.

The pandemic has brought into sharp relief the digital vulnerabilities of the health sector as big hospitals and tiny clinics alike have had to deal with hacking. In 2020 alone, 560 healthcare facilities in the U.S. were impacted by ransomware incidents, according to security firm Emsisoft.

Sean Lyngaas

Written by Sean Lyngaas

Sean Lyngaas is CyberScoop’s Senior Reporter covering the Department of Homeland Security and Congress. He was previously a freelance journalist in West Africa, where he covered everything from a presidential election in Ghana to military mutinies in Ivory Coast for The New York Times. Lyngaas’ reporting also has appeared in The Washington Post, The Economist and the BBC, among other outlets. His investigation of cybersecurity issues in the nuclear sector, backed by a grant from the Pulitzer Center on Crisis Reporting, won plaudits from industrial security experts. He was previously a reporter with Federal Computer Week and, before that, with Smart Grid Today. Sean earned a B.A. in public policy from Duke University and an M.A. in International Relations from The Fletcher School of Law and Diplomacy at Tufts University.

Latest Podcasts