A major cyber-attack on the HSE’s IT system on Friday is continuing to impact on patient management systems and services this week.
Through the sophisticated ‘Conti’ ransomware attack, criminal elements accessed data on the health service’s IT network and have demanded a $20 million ransom in return for the compromised or stolen data.
The Department of Health’s IT system was also the subject of a cyber-attack last week but an attempt to execute the malicious software was detected and stopped.
As many as 50 cyber-attacks occur per week in Ireland but these latest attacks are significantly impacting health services in the midst of a pandemic.
Ronan Murphy from Smarttech in Cork, which provides IT security services to hospitals and health services, said: “They have taken down an entire health service of an entire country in the midst of a global pandemic”.
An estimated 700 Gigabytes of data has been stolen, which represented “a lot of data”, he added.
The ransomware attack has “compromised” the HSE’s entire system and is impacting on services, equipment, and access to patient records.
The National Cyber Security Team, An Garda Síochána and Interpol are working with Government to respond to the ransomware attack, while the HSE works around the clock to restore its IT networks and systems.
More than 85,000 computers across the HSE have been shut down to contain the attack, meaning that hospitals and services are working in isolation from the central system, causing disruptions to services.
The HSE’s infrastructure consists of around 2,000 systems across thousands of separate locations and will require detailed on-the-ground work to restore and rebuild the network piece by piece.
Since Friday, the main impact has been on radiology services and blood test results. Laboratory services are also running at 10% capacity and are only dealing with priority samples for tests.
While many patient appointments continued on Friday and Monday, health services expect to cancel scheduled care for the rest of the week and emergency services are reporting delays because of the attack.
Private hospitals are also being used to provide cancer services and some diagnostics.
The Covid-19 vaccination rollout has been unaffected and the HSE also managed to restore testing and tracing systems over the weekend.
Former HSE boss Tony O’Brien said the attack was having a “substantial” impact on the 4,000 day case procedures and 12,000 outpatient appointments that take place every day across the health service.
The child and family agency, Tusla, has also been impacted by the attack.
The HSE has advised patients to check for updates on its website.
The HSE is working to identify what data has been stolen, including patient data.
The Data Protection Commissioner has been alerted of a “potential breach” and the HSE said it could not, at this stage, reassure patients that their data had not been compromised or would not be published online by criminals behind the cyberattack.
Health officials have said the damage caused by the ransomware attack will be significant and will take some time to resolve.
HSE boss Paul Reid said it could cost “tens of millions” of euro to carry out a “very significant rebuild” of the health service’s IT network.
Ronan Murphy from Smarttech estimated it would take “a number of weeks” at least to restore systems and the costs will run into “millions”: “There is no quick fix. This is a big problem”.
Cyber-attack in numbers:
- 50 cyberattacks per week in Ireland
- 2,000 systems across HSE IT network
- 85,000 computers shut down to contain attack
- 4,000 day cases and 12,000 outpatient appointments affected