Irish Prime Minister says government won’t pay ransom after hack forces hospitals to alter services
Ireland’s public health care system on Friday shut down its IT systems in response to what it called a “criminal ransomware attack.”
Emergency departments have continued to operate normally, but health officials said in a statement Monday that they were working to get computer systems supporting maternity, infant care and radiology back online.
The ransomware intrusion at Ireland’s Health Service Executive (HSE), the $25 billion public health system, has forced hospitals in various parts of Ireland to alter their services. In some cases, hospital staffers say they have been in touch with pregnant women and encouraged them to not come to the hospital unless they are near their due date.
Irish Prime Minister Micheál Martin has said the government will not pay a ransom.
It was unclear when the HSE systems would be brought back online. Health officials said the network shutdown was temporary to contain the spread of the ransomware.
In the capital of Dublin, the Rotunda Hospital, a maternity care center, has canceled many outpatient visits. And UL Hospital Group, which runs six hospitals in western Ireland, said that most outpatient appointments and elective procedures would go ahead on Monday, but that “non-urgent patients may experience significant delays.”
Fergal Malone, a senior Rotunda Hospital official, said the hospital had to revert to pen and paper and to contact patients via text message.
“We’ve already texted all patients who have appointments today to let them know that, unless they’re over 36 weeks pregnant or unless they have an emergency or a concern about their baby, they probably shouldn’t come to the hospital,” Malone told Irish broadcaster RTE.
The IT systems that Ireland’s Child and Family Agency uses to collect online referrals about child safety were also offline because of the ransomware incident. The agency encouraged people to make referrals by contacting local offices.
The Irish government’s National Cyber Security Centre (NCSC) said that the attackers used Conti, a strain of ransomware that emerged a year ago and has been used in a variety of extortion attempts. The NCSC said it was working with the European Union and other allies to share data on the incident and “ensure that the HSE has immediate access to international cyber supports.”
In addition to the breach of HSE’s networks, there was malicious cyber activity on the network of the Irish Department of Health, the NCSC said. Investigators, however, thwarted the hackers’ attempt to execute ransomware “due to the deployment of tools during the investigation,” according to the statement.
It’s just one of many disruptions that ransomware has caused health services around the world during the coronavirus outbreak.
The pandemic has brought into sharp relief the digital vulnerabilities of the health sector as big hospitals and tiny clinics alike have had to deal with hacking. In 2020 alone, 560 healthcare facilities in the U.S. were impacted by ransomware incidents, according to security firm Emsisoft.