Ireland has refused to pay a bitcoin ransom to hackers who forced most of its healthcare IT systems to shut down, leaving doctors unable to access patient records and patients unsure of themselves. they should show up for appointments.
“A ransom has been demanded and will not be paid in accordance with state policy,” a spokesperson for the Irish Health Service Executive told the Financial Times on Friday evening, confirming reports that the ransom was demanded in the cryptocurrency.
Paul Reid, managing director of the Irish Health Service Executive, told a morning radio broadcast that the decision to shut down the systems was a “precautionary” measure after a “very sophisticated” cyberattack that affected national systems and local and was our basic services ”.
Some elements of the Irish health service remain operational, such as clinical systems and its Covid-19 vaccination program, which is fed by a separate infrastructure. The already booked Covid tests are also continuing.
However, the system for handling referrals from general practitioners and close contacts is down, the HSE tweeted, adding that those in need of testing should go to walk-in centers that would prioritize symptomatic cases.
“This has serious implications for our health and social care services today, but individual services and hospital groups are affected in different ways. Emergency services are continuing, as is the @AmbulanceNAS [the National Ambulance Service]Health Minister Stephen Donnelly wrote on Twitter.
No group has yet claimed responsibility for the attack, although Reid said Friday morning that it involved “Conti, human-operated ransomware”, referring to the type of software used. Conti was first detected in December 2019, and hackers believed to be based in Russia or Eastern Europe typically demand a median ransom of $ 240,000, according to research conducted by Arete Advisors.
“We are at the very beginning of a full understanding of the threat, the impact and the attempt to contain it,” said Reid, adding that they were receiving assistance from the Irish police, defense forces and military personnel. third-party IT support teams.
HSE Twitter feed features a long list of updates from hospitals on services they are canceling, including things like elective radiation therapy, x-rays, physiotherapy, and cardiac diagnostic services. Some of the cancellations go until Monday.
The director of Rotunda Maternity Hospital in Dublin said he was advising patients who are pregnant under 36 weeks not to show up for appointments on Friday. In a statement, University Hospital Cork said patients should come for outpatient appointments, chemotherapy and surgery “unless you are contacted to cancel” but radiology appointments and radiation therapy for Friday were canceled.
Professor Donal O’Shea, consultant endocrinologist at St Vincent’s Hospital in Dublin, told RTE radio there could be implications for patient care. “Clinical systems haven’t been targeted, but if you can’t access your computer, you can’t get results. . . so soon there will be clinical implications, ”he said. In its statement, Cork University Hospital said “only emergency blood” would be treated at this time.
Reid said patients nationwide “should always come forward until they hear something different.”
Health workers told FT that they had been switch off their laptops, leaving home staff offline, and those working in hospitals are reverting to pen and paper to manage patient information.
In one declaration On its website, the Irish Child and Family Agency Tusla said its emails, internal systems and child protection referral portal were also offline as they were hosted by the HSE network.
The attack comes as the actions of cybercriminals to disrupt public services have escalated during the pandemic. Earlier this month, hackers believed to be from Eastern Europe violated the computer systems of the Colonial pipeline, a major fuel line that supplies much of the eastern United States.
“Opportunistic cyber attacks targeting flooded healthcare organizations have been a common theme throughout the pandemic,” said Charlie Smith, consulting solutions engineer at Barracuda Networks. “These crooks realize the enormous importance of healthcare IT systems today and will therefore stop at nothing to disrupt these systems or steal valuable data in exchange for ransom.”
Additional reporting by Hannah Murphy in San Francisco
