Health service 'functioning like it did in the 1970s' after cyberattack

HSE gradually restoring systems as damage is expected to take 'many weeks and tens of millions of euro' to repair
Health service 'functioning like it did in the 1970s' after cyberattack

Ireland's health service is scrambling to restore its systems after the ransomware attack by online criminals — and among the remedial actions is the reformatting of 150,000 laptops. 

The massive cyberattack on the HSE has left the health service “functioning like it did in the 1970s and 1980s”, with a wholesale reformatting of 150,000 laptops required to steady the ship.

The attack has left health services crippled in the face of a ransom demand from an international criminal gang, an act which Tánaiste Leo Varadkar described as “a heinous crime”.

Moves to restore the operational capacity of the health service are likely to take at least a number of weeks and will cost “tens of millions of euro”.

Up to 150,000 laptops will have to be reset in order to secure the HSE’s systems, as every way into the system needs to be secured.

Phased restoration of systems

The plan to reboot the system will see the 19 voluntary hospitals, which work independently of the HSE, brought back online first. Following that will be the service’s diagnostics systems, before finally communications and web-based systems will be brought back online.

The Government was briefed last night by HSE chief executive Paul Reid and the National Cyber Security Centre, which is managing the response to the attack.

It is understood they were told the health system has had to go back to how it functioned in the 1970s and 1980s, but that “no one knows how to work that way any more”.

Until the situation is resolved, appointments will continue to be cancelled.

In order to make any recovery plan work, the Government has been told to “do what you need to do in terms of money”.

Process will take 'many many weeks'

Earlier, former HSE chief executive Tony O’Brien said that he expected the resolution of the problem to take “many, many weeks” and to amount to “tens of millions of euro in cost”.

Mr O’Brien, who resigned from his post as chief executive in 2018, told RTÉ that the HSE has a “highly-skilled and capable ICT [information and communications technology] team, but the expenditure on IT security was about a quarter of what you would expect compared to other country’s health systems”.

Last night, the HSE said it had “serious concerns about the implications for patient care arising from the very limited access to diagnostics, lab services and historical patient records”.

'Despicable crimes'

Meanwhile, the Government said “no effort is being spared” to bring the systems back online.

“These ransomware attacks are despicable crimes, most especially when they target critical health infrastructure and sensitive patient data,” a spokesperson said, adding that any public release of the personal data of Irish citizens would be “utterly contemptible”.

Heather Humphreys, the acting justice minister, had earlier provided an update on the investigation into the attack, being led by the Garda National Cyber Crime Bureau. The main conclusion was that “it’s a criminal investigation”, dispelling the notion that the attack could have emanated from a foreign state.

“It’s espionage, a criminal extortion racket,” a source said.

Meanwhile, the Russian embassy in Ireland issued a statement condemning in the “strongest terms any type of criminal activity in cyber space, including this particular incident”.

Three key systems 'are working again'

Separately, Ossian Smyth, the Minister of State for Public Procurement and eGovernment, who has authority over the National Cyber Security Centre, said the three most significant systems at present — the pandemic systems that cover tracing, testing, and vaccination — are all operational once more.

“There are three stages [to the recovery],” he said. “The first two are containment and eradication, which we’re responsible for, and the last is recovery, which the HSE will handle. Stages two and three will happen simultaneously,”

Mr Smyth said the HSE is “well used to the disaster recovery” of failed IT systems.

“The criminals did attempt to destroy backups but I’m not aware that they have succeeded,” he said, adding that the HSE “has set up a war room and is running the operation from there”.

More in this section

Puzzles logo
IE-logo

Puzzles hub

Visit our brain gym where you will find simple and cryptic crosswords, sudoku puzzles and much more. Updated at midnight every day.

Puzzles logo
IE-logo

Puzzles hub

Visit our brain gym where you will find simple and cryptic crosswords, sudoku puzzles and much more. Updated at midnight every day.