A recent cyberattack on the health service for Ireland forced the government institution to take its dedicated IT systems offline, causing disruption.

The Health Service Executive (HSE), an organisation responsible for all social services and healthcare across the Republic of Ireland, confirmed that the raid on its systems was a ransomware attack and described the incident as “significant.”

Precautionary measures taken

To protect its network from the attack deployed by ransomware operators, the HSE stated it had taken steps to shut down the entirety of its IT systems as a precaution. In a public post made on popular social media platform Twitter, the organisation commented:

“There is a significant ransomware attack on the HSE IT systems. We have taken the precaution of shutting down all our IT systems in order to protect them from this attack and to allow us fully assess the situation with our own security partners.”

After apologising to members of the public and medical patients inconvenienced by the lack of service, the HSE stated it would issue additional information regarding the situation as soon as it became readily available.

When cyberattacks take place on systems, it is the legal obligation of enterprises and organisations to inform data subjects and data regulators of any breaches that take place, and service users must be warned of any potential risks following an incident.

Impact of a ransomware attack

Ransomware gangs select targets carefully, choosing operations that will suffer the most from the disruptions caused by attacks. The recent pandemic has seen multiple healthcare facilities both small and large struck by ransomware attackers who have taken advantage of the critical need for services to be fully operational to save lives.

Fortunately for HSE, the recent cyberattack on its systems did not affect the operations of the National Ambulance Service, and Ireland’s newly launched vaccination programme has not be negatively impacted.

Some appointments of outpatients, however, required cancellation due to the attack. The Rotunda Hospital in Dublin, a facility providing neonatal, maternity and gynaecological care, stated that unless women were 36 weeks pregnant or more, outpatient visits would be cancelled because of a serious IT problem.

At present, the type of crypto malware used in the assault aimed at HSE has not been confirmed, nor has the attack vector employed by the ransomware operators to penetrate the secure network. However, a statement made by chief executive for the HSE, Paul Reid, explained that Ireland’s health service was working closely with experts and the national authorities. Third-party specialists in cybersecurity and the Gardaí (Irish police force) are both providing their expertise and consulting on the recent attack.

Reid recently commented to local news channels:

“There has been no ransom demand at this stage.”

Ransomware attacks can see cybercriminals encrypt and hold data for ransom demanding massive payments for it to be returned safely, as seen in the recent raid on the US’s Colonial Pipeline where DarkSide operators claimed a bitcoin ransom close to $5m (£3.5m).