In Ireland, there was one isolated case of a WannaCry2 ransomware attack in a HSE-funded facility in Wexford on Saturday, according to the Department of Communications, Climate Action and Environment.
Last night, the HSE advised patient care would continue to be unaffected despite blocking access to external emails.
“In response to Friday’s global ransomware attack, the HSE’s eHealth Ireland function worked throughout the weekend to ensure that the health system was prepared for the return of large numbers of staff to work this morning,” a statement yesterday said.
“Due to this preparatory work, patient care has been protected and continues as planned.”
Apart from an isolated incident in Co Wexford, there were three suspected cases within the HSE network of a WannaCry2 malware attack.
“In each of the cases, the virus discovered was proven not to be the WannaCry virus, but an older virus for which protection was available,” the HSE statement said.
Communications Minister Denis Naughten will today brief the Cabinet with an update on the situation.
The National Cyber Security Centre (NCSC), based in the minister’s department, has brought in staff from the Defence Forces.
Mr Naughten said: “We have an incidence response team, we are strengthening the legislation in this area, we have the National Cyber Security Centre which is based within my own department, headed up by Dr Richard Brown, that is relocating to UCD in the coming months.
“We’re ramping up the staffing level in that centre. At the moment, we have staff seconded in from the Defence Forces and An Garda Síochána but that will continually ramp up.”
Mr Naughten described the attacks as “significant” and said Ireland was “lucky.”
“It is very significant, this particular attack. The big litmus test for us here in Ireland was whether we could rebuff this attack and we seem to have done it on this occasion,” said Mr Naughten.
“The systems we have in place, the protocols we have in place were tested, tested very robustly over the last number of days and we seem to have been quite lucky.
“There is a certain amount of luck involved in this because you can prepare yourself as much as you can but, until you actually receive an attack, it’s very hard to know whether the systems are robust and ours seem to have been on this occasion. But you don’t know what sort of vehicle is going to be used in the next attack.”
Yesterday, his department confirmed there had been no more reports of WannaCry2 ransomware attacks in Ireland, bar the case in the South-East.
Industry experts said there were “many pragmatic steps” businesses could take to reduce their risk in the event of a ransomware attack.
Pat Moran, the cyber leader at professional services firm PwC, outlined some of the steps organisations could take, such as effective backups of systems.
“Ensuring that individual user systems and key servers can be restored rapidly from backups and that the frequency of backups aligns to the timeframe of data your organisation is prepared to lose in the event of any system being rendered unusable,” is one such step, advised the cyber security expert.
“Ensuring that there are formal procedures in which employees and those responsible for the management of high priority incidents are well versed to streamline the organisation’s reaction to ransomware events,” is another step that can be taken according to Mr Moran.
PwC advised that businesses and organisations should not pay the ransom, “unless there is a threat to life”.