The former chief information officer of the HSE, Richard Corbridge, who led the HSE’s response to the last cyber attack in 2017, has said that there was “a real and present risk” that patients’ data could be released.
Mr Corbridge told RTÉ radio’sthat the attack might not have been specifically targeted at the HSE, it could have been part of a wider probe of health systems across Europe to see where vulnerabilities lay.
In 2017 when the Wannacry ransomware attack occurred the HSE had been warned by the NHS who had sent “a bat signal” of a cyber threat, he said.
When asked if the Department of Health would have alerted the HSE when its system was attacked first last Thursday, Mr Corbridge said he would hope that was the case, but pointed out that given the timing it would have been very difficult for the HSE’s IT team to protect 85,000 entry points.
It was not necessarily a case that the HSE’s IT system was operating with a weakness, this situation had not been prepared for as it was unknown, it was a zero day attack. This was a challenge not just faced by the HSE, but by health systems everywhere trying to keep simple IT systems up to date while operating high tech diagnostic equipment.
The HSE had a great IT team who were trying to keep up to date “and that is really challenging.” They needed to be able to respond with agility and speed, utilising skills and leadership.
Mr Corbridge said he did not know how much detailed data had been taken as part of the attack, it was now in the hands of the attackers and there was a real and present risk that the data of patients would be “exposed.”