Ransomware hackers compromise critical health systems in Ireland

Health authorities in Ireland announced that patients who do not require urgent services will experience a “significant delay” in hospitals after a severe ransomware infection compromised all medical systems in the country. The Health Services Executive (HSE), the country’s health authority, released this situation in a statement sent on Monday night.

Authorities are working on recovering affected systems in collaboration with cybersecurity firms and ransomware experts: “Our priority is to keep critical patients safe and keep essential services running; we do not deny that there are serious concerns because of the nature of the affected systems,” the statement points out.

In the message the HSE made it very clear that it does not plan to pay the ransom demanded by the hackers. The authority mentions that at the time of the attack there were about 2,000 systems used to treat patients in delicate processes, so they will need to restore their services as soon as possible.

The HSE added: “The infection is advancing at the rate we had anticipated, so we have implemented step-by-step measures to mitigate the risk of further new infections. We are also looking for temporary solutions for enabling some critical servers.”

On the other hand, The director of the Irish Computer Security Incident Response Team (IRISS-CERT) Brian Honan mentions: “We must not forget that this was the work of an unscrupulous cybercriminal group that had no problem attacking critical infrastructure dedicated to the health of the Irish; the search and capture of these hackers should be a priority for our authorities.” Honan concluded by mentioning that ransomware abounds in Ireland, and the recorded incidents are not very different from those in many other countries where ransomware attacks are much more common.

To learn more about information security risks, malware variants, vulnerabilities and information technologies, feel free to access the International Institute of Cyber Security (IICS) websites.