November 27, 2022

Irish Healthcare System Struggles With Tech Disruptions After May Ransomware Attack

Ireland’s healthcare service is still slowly restoring its technology systems five weeks after suffering a ransomware attack, highlighting the painful process of bringing back online thousands of damaged computers.

Two weeks ago, some of the technology systems in Children’s Health Ireland’s three hospitals were restored but are now operating more slowly than before, said Eilish Hardman, chief executive of the group. Around a third of scheduled outpatient appointments have been postponed, 80% of hardware devices replaced and internal email still isn’t running normally, she added. It will be several weeks until all computer systems work again, she said.

Doctors and lab technicians used pen and paper for most of the past month, she said, and corporate and administration staff hand-carried lab reports to clinicians.

“It sent us back almost into the ’70s, being paper-based,” she said.

On the morning of May 14, attackers using the Conti ransomware strain took down the Irish Health Service Executive, the country’s public healthcare system, resulting in cancellations and delays of medical appointments around the country. As of Thursday, around 55% of HSE’s servers used for important medical system infrastructure had been restored and 58% of its servers had been decrypted.

“It’s been a 35-day hell,” Paul Reid, the healthcare executive’s director general, told a news conference on Thursday. “It will continue to be a longer haul over the next few weeks, if not likely into months,” he said.

Ransomware attacks often leave victims struggling to bring back compromised technology systems for long periods. The Scottish Environment Protection Agency was also attacked by a Conti gang last year on Christmas Eve and is still bringing back some of its systems, Terry A’Hearn, the agency’s chief executive, said at the WSJ Pro Cybersecurity Executive Forum this month.

“Knowing early how long it would take to recover would have been helpful in managing some of the impacts,” he said.

AT HSE, security and IT staff have been working to bring back more than 2,000 separate computer systems and applications, some of which were decades old. The organization is rebuilding some systems and upgrading others. Hospitals and healthcare offices with older computer systems suffered more disruption from the ransomware attack than newer applications. Three cloud-based platforms built in the past year for Covid-19 contact tracing, testing and vaccines weren’t affected.

The HSE’s large IT infrastructure includes many applications that connect and use data from other applications, which can make it difficult to properly restore services if others are still down, said Simon Woodworth, a lecturer in business information systems at University College Cork who conducts research with the HSE. “What you have is a system that’s both complex and also brittle,” he said. “It breaks easily and if one part breaks, another part breaks.”

For systems already restored, there are other risks, including making sure information taken in writing is correctly entered into patient records, said Anne O’Connor, the HSE’s chief operating officer, speaking at the news conference.

Paul Reid, director general of Ireland’s Health Service Executive



Photo:

Niall Carson/Zuma Press

Hackers initially threatened to publish data they stole from the healthcare system online if officials didn’t pay a ransom fee of around $20 million, according to screenshots of the demand that the ransomware group posted online. Conti ransomware gangs have previously stiffed victims, and in one case restored only a small portion of encrypted data after a victim paid the ransom, according to a report published Friday by cybersecurity company

Palo Alto Networks Inc.

Top HSE and government officials were adamant that they wouldn’t pay any ransom, saying doing so would violate government policy.

Government officials and the Irish police warned the public that their private health information could be posted on the internet. Ireland’s data protection commissioner published a blog post about how individuals should deal with threats from scammers trying to capitalize on their data. So far, hackers haven’t posted patient data from the HSE.

One week after the attack, hackers offered the decryption key free of charge and without explanation.

Wary HSE technologists worked with external cybersecurity consultants to make sure the key was safe to use and wouldn’t unleash more malware, Ossian Smyth, Irish minister of state for communications, said in an interview.

While Irish healthcare and government officials were relieved that sensitive data from millions of citizens wasn’t published online, they now have to pay several multiples of the hackers’ ransom demand, Mr. Smyth said. Because the decryptor works, although slowly, the government doesn’t expect the HSE to lose data, he added.

Mr. Reid previously said the recovery efforts would cost at least 100 million euros, equivalent to $119 million.

“Even when you’ve got the key, unlock the data, prevent the two threats, you’re still left with destruction to the service,” he said, referring to the hackers’ threat to keep data encrypted and publish stolen information. “Once you get attacked by these people, there isn’t a clean way out,” he said.

Doctors and staff in the three childrens’ hospitals have been working hard and adapting to manual workarounds because of the technology problems, Ms. Hardiman said. She hopes some can take time off over the summer. “It’s been a tough 15-16 months now with Covid, and this was a devastating cyberattack,” she said.

Write to Catherine Stupp at [email protected]

Copyright ©2020 Dow Jones & Company, Inc. All Rights Reserved. 87990cbe856818d5eddac44c7b1cdeb8

in Tech
Related Posts

Hackers Target Videogame Publishers for Ransom, Source Code

June 15, 2021

June 15, 2021

Gamers have struggled for years with hackers who cheat and take over accounts. Now, videogame studios are coming under serious...

China’s New Power Play: More Control of Tech Companies’ Troves of Data

June 12, 2021

June 12, 2021

Shortly after rising to power in late 2012, Xi Jinping made his first company visit in his new job as...

Lobbyists for Silicon Valley Giants Like Facebook Find Glory Days Are Over

June 17, 2021

June 17, 2021

WASHINGTON—President Biden’s decision to name the progressive antitrust crusader Lina Khan to lead the Federal Trade Commission is a stark...

GameStop Remakes C-Suite, Board in Turnaround Push

June 9, 2021

June 9, 2021

The company named two Amazon.com Inc. veterans as its chief executive and chief financial officer, and shareholders voted Ryan Cohen...

Drones Flying Near Airports, Infrastructure Prompt U.S. Action

May 20, 2021

May 20, 2021

Federal agencies are scrambling to address a surge in the use of consumer drones as the unmanned aircraft crowd the...

FBI Director Compares Ransomware Challenge to 9/11

June 4, 2021

June 4, 2021

FBI Director Christopher Wray said the agency was investigating about 100 different types of ransomware, many of which trace back...

Ransomware Boom Forces More Companies to Cut Deals With Criminals

May 20, 2021

May 20, 2021

Kurtis Minder got into the ransomware negotiation business by accident early last year. The startup he co-founded, GroupSense Inc., monitors...

CyrusOne Nears Deal to Be Sold to a Private Equity Buyer

November 12, 2021

November 12, 2021

CyrusOne Inc. is nearing a deal to be sold to a private-equity buyer that could value the data-center operator at...

Warehouse Operators Turn to Wearable Technology to Solve Workplace Strains

June 29, 2021

June 29, 2021

Your next load of groceries may be moved by a modern-day bionic man or woman. The U.S. supply-chain arm of...

Quanergy to Go Public Through SPAC Deal

June 22, 2021

June 22, 2021

Quanergy Systems Inc., a provider of lidar sensors and 3-D perception software, is going public through a combination with a...

Florida’s New Law Bars Twitter, Facebook and Others From Blocking Political Candidates

May 25, 2021

May 25, 2021

Florida Gov. Ron DeSantis signed a bill on Monday aimed at making big tech platforms more accountable for their content...

Amazon Could Use Less Prime Time

June 22, 2021

June 22, 2021

Prime Day has long been about more than Amazon just keeping itself busy over the slow summer. But this may...

Sexting Among Kids Is Bigger Than Ever—and Often Illegal. Here’s How to Talk to Your Child.

June 5, 2021

June 5, 2021

Lauren Anjema was in sixth grade the first time a boy asked her to send him a nude photo of...

Roku Plans to Develop More Than 50 Original Shows in Next Two Years

November 19, 2021

November 19, 2021

Roku Inc., the nation’s biggest pathway to streaming services, wants to become an entertainment force in its own right. The...

Technology Fills the Gap as Jobs Lag GDP

June 9, 2021

June 9, 2021

The economy is booming. Why isn’t job growth? Payrolls have risen 1.6 million in the past three months and are...