Irish officials warn of ongoing disruptions to health system, long recovery following ransomware incident

The incident, which Irish officials have blamed on Conti ransomware, has rocked the public health system.
Dublin's Rotunda Hospital, a maternity hospital where doctors have told pregnant women not to come to appointments unless they are near their due date or it's an emergency after a ransomware incident disrupted IT systems. (Flickr/Warren LeMay)

Irish officials say it will take “many weeks” to fully restore the IT infrastructure of the country’s $25 billion public health system following a ransomware attack last week.

While emergency departments continue to operate normally, Ireland’s Health Service Executive (HSE), as the public health  system is known, said Wednesday that patients seeking non-urgent care should expect long delays.

“Work continues today in assessing the impact and beginning to restore HSE IT systems,” the statement said. “This work will take many weeks and we anticipate major disruption will continue due to the shutdown of our IT systems. We should start to see some early signs of recovery in some sites over the coming days.”

The incident, which Irish officials have blamed on a popular strain of ransomware called Conti, has rocked the Irish public health system. One maternity hospital in Dublin told pregnant women not to come to the hospital unless they are near their due date or it is an emergency. The ransomware also disrupted the IT systems of the Irish government agency responsible for child welfare and social services.


“Hospitals are working to get priority systems back online including radiology and diagnostic systems, maternity and infant care, patient administration systems, chemotherapy and radiation oncology,” the HSE said Wednesday.

The Conti ransomware gang has reportedly demanded $20 million to decrypt HSE computers, but Irish Prime Minister Micheál Martin has said the government will not pay a ransom.

Recovering from the hack has been an international effort. The Irish government has brought in cybersecurity specialists at McAfee and has shared data on the intrusion with the European Union.

Recent ransomware threats in Ireland have extended beyond HSE: There was also malicious cyber activity on the network of the Irish Department of Health, the Irish officials have said. Investigators, however, thwarted the hackers’ attempt to execute ransomware “due to the deployment of tools during the investigation,” according to a statement from Ireland’s National Cyber Security Centre.

The Irish government’s refusal to pay off its extortionists comes amid scrutiny of a reported decision by Colonial Pipeline, a major U.S. fuel transporter, to pay a multimillion-dollar ransom following a hack earlier this month. U.S. lawmakers and security experts have criticized Colonial Pipeline for not sharing more details on the reported ransom, saying it makes it harder to address the ransomware problem.

Sean Lyngaas

Written by Sean Lyngaas

Sean Lyngaas is CyberScoop’s Senior Reporter covering the Department of Homeland Security and Congress. He was previously a freelance journalist in West Africa, where he covered everything from a presidential election in Ghana to military mutinies in Ivory Coast for The New York Times. Lyngaas’ reporting also has appeared in The Washington Post, The Economist and the BBC, among other outlets. His investigation of cybersecurity issues in the nuclear sector, backed by a grant from the Pulitzer Center on Crisis Reporting, won plaudits from industrial security experts. He was previously a reporter with Federal Computer Week and, before that, with Smart Grid Today. Sean earned a B.A. in public policy from Duke University and an M.A. in International Relations from The Fletcher School of Law and Diplomacy at Tufts University.

Latest Podcasts