May 25, 2022

Ireland’s Healthcare System Works to Rebuild After Ransomware Hit

Ireland’s public healthcare system is rebuilding 2,000 applications and other systems from scratch after a ransomware attack that disrupted operations at hospitals, doctors’ offices and other services across the country.

Technology experts and external consultants working with the Irish Health Service Executive are taking steps to make sure the ransomware is eradicated from the organization’s computers, said Ossian Smyth, Irish minister of state for communications.

“We’re focused on firefighting, resolution, cleanup and rebuild,” he said.

Attackers used ransomware known as Conti to attack the healthcare system last Friday and had attempted to hack the Irish Department of Health one day earlier, the government said. The Irish government said it received a ransom demand that it won’t pay, but hasn’t confirmed the amount hackers sought. The country’s Department of Social Protection also fended off a similar attempted cyberattack six months ago, Mr. Smyth said.

Some health services are still disrupted and X-ray appointments are canceled, the HSE said Wednesday. The HSE advised employees to keep work devices turned off and said they are working to restore email and

Microsoft Corp.’s

Teams services.

Security consultants are creating a new network on which experts will rebuild the software systems, making sure there are no lingering traces of the ransomware, Mr. Smyth said. Hundreds of people are involved in the restoration of around 2,000 distinct systems from hospitals, doctors and clinics, many of which were previously operated by religious or private organizations and were later absorbed into the public organization, he added.

Paul Reid, director-general of the HSE, said this week it will likely cost tens of millions of euros and take weeks to repair technology systems damaged by the ransomware.

Three systems that the HSE created in the last year to deal with the Covid-19 contact tracing, testing and vaccine management weren’t affected by the attack because they are based on new cloud technology, Mr. Smyth said. “I’d imagine the legacy systems on physical servers in data centers are probably much more vulnerable,” he said.

Richard Corbridge, who was the HSE’s chief information officer until 2017, said the organization’s technology infrastructure includes large-scale hospital systems that have been in use since the 1980s.

Irish officials don’t know was behind the HSE breach, but believe the attackers bought the Conti ransomware from another group of hackers, Mr. Smyth said. He declined to say which country the group selling the ransomware comes from.

Cybersecurity company

CrowdStrike Holdings Inc.

said in an October report that a Russia-based group known as Wizard Spider uses Conti and other ransomware strains. Conti is designed to extort victims and attackers have used it to steal data and then threaten to publish it online unless victims pay.

Mr. Smyth said the hackers are very likely to publish stolen data from the HSE online and investigators are checking dark web forums, Mr. Smyth said. “We do have a responsibility to reassure people and prepare them for when that happens,” he said.

In other cases, hackers who have used the Conti ransomware look for sensitive information to steal and then provide an analysis of their ransom fee based on the type of data they have, damage to the organization, and whether exposing the data could lead to regulatory investigations or fines, said

Ronan Murphy,

chief executive officer of Smarttech247, a cybersecurity company based in Cork, Ireland.

“These guys know what’s valuable and what’s not. They’re going to have their homework done, they’re going to take the data that’s going to inflict the most pain,” he said.

Mr. Murphy said that in prior negotiations he conducted with Conti hackers, he found that after receiving payment, they ultimately restored data they had encrypted. Smarttech247 is helping hospitals investigate and monitor their networks for possible ransomware infections related to the HSE attack.

Last week’s attack on the HSE had much more significant effects in Ireland than the 2017 WannaCry attack that hit the U.K.’s National Health Service, among several organizations, Mr. Smyth said. The Conti attack was crafted specifically to disrupt Irish healthcare, he said.

After the WannaCry incident, U.K., officials sent a warning to the HSE, said Mr. Corbridge, then CIO of the Irish system. Technology staff had several hours to prepare for the attack and quickly disconnected the healthcare system from the internet, he said. The HSE tripled its help desk staff over that weekend four years ago and updated its systems.

The moves prevented disruption, he said. “It was a Friday, Saturday and Sunday in May without a pandemic. It was a time when the healthcare system had a little more capacity than it does today,” he said.

Write to Catherine Stupp at [email protected]

Copyright ©2020 Dow Jones & Company, Inc. All Rights Reserved. 87990cbe856818d5eddac44c7b1cdeb8

in Tech
Related Posts

Home Security Company ADT Betting on Google Partnership to Build Revenue

June 28, 2021

June 28, 2021

Security-system provider ADT Inc. is betting on its partnership with Google’s smart-home business to increase revenue as it struggles to...

Microsoft Discloses New Customer Hack Linked to SolarWinds Cyberattackers

June 26, 2021

June 26, 2021

Microsoft Corp. said hackers, linked by U.S. authorities to Russia’s Foreign Intelligence Service, installed malicious information-stealing software on one of...

Chinese Internet Regulators Investigate Startup After Tiananmen Square Anniversary Post

June 6, 2021

June 6, 2021

Shanghai-based Xiaohongshu—which means “Little Red Book” in Chinese and is backed by Alibaba Group Holding Ltd. and Tencent Holdings Ltd....

Sonos Works to Grow Malaysia Operation Despite Supply-Chain Issues

May 28, 2021

May 28, 2021

Speaker maker Sonos Inc. is working with suppliers to boost production capacity in Malaysia to lower its tariff costs, but...

CyrusOne Nears Deal to Be Sold to a Private Equity Buyer

November 12, 2021

November 12, 2021

CyrusOne Inc. is nearing a deal to be sold to a private-equity buyer that could value the data-center operator at...

Chinese Regulators Target Ride-Hailing Company Didi Just Days After IPO

July 2, 2021

July 2, 2021

Chinese regulators zeroed in on Didi Global Inc. on Friday, days after the ride-hailing company went public, by blocking its...

Google, Facebook, Amazon Among Those Set to Fight House Big Tech Antitrust Package

June 24, 2021

June 24, 2021

The House Judiciary Committee voted on Thursday to approve the final piece of its six-part package, the “Ending Platform Monopolies...

Credit Suisse Slashes Business With SoftBank and Its Founder, Masayoshi Son

June 18, 2021

June 18, 2021

Credit Suisse CS -2.40% Group AG and SoftBank 9984 -0.80% Group Corp. Chief Executive Masayoshi Son recently dissolved a longstanding...

U.S. Mandates Body Cameras for Federal Law-Enforcement Officers

June 8, 2021

June 8, 2021

WASHINGTON—The Justice Department will require federal agents to wear body cameras when executing arrest warrants or searching buildings, Deputy Attorney...

How to Make Workplace Technology Accessible to Everyone

June 11, 2021

June 11, 2021

Many companies struggle when it comes to providing inclusive technology in the workplace. People with disabilities routinely face challenges in...

The Executive Who Helps Salesforce Stay True to Its Founders’ Philanthropic Pledge

June 19, 2021

June 19, 2021

Ebony Beckwith occupies a powerful perch as chief philanthropy officer of Salesforce. com Inc. and head of its nonprofit foundation....

For Startup Leaders, SPACs Have Lost Their Allure

May 23, 2021

May 23, 2021

Startup chief executives are turning a cold shoulder to SPACs. Skeptical CEOs say they are turning down offers from special-purpose...

All-or-Nothing Investment Websites Used Wirecard for Card Payments

June 4, 2021

June 4, 2021

More than half a dozen websites that securities regulators alleged stole money from novice investors in the U.S., Canada and...

Why PCs Are Turning Into Giant Phones

June 19, 2021

June 19, 2021

Your next laptop will be like a smartphone—only bigger, more powerful and more capable. It’s a reversal of almost a...

App Taps Unwitting Users Abroad to Gather Open-Source Intelligence

June 24, 2021

June 24, 2021

WASHINGTON—A consumer app has assembled a workforce of hundreds of thousands of smartphone users world-wide, some of whom are being...