Cyber attack 'most significant on Irish state'

  • Published
Cyber attackImage source, Getty Images

A cyber attack on Irish health service computer systems is "possibly the most significant cybercrime attack on the Irish state", a minister has said.

Speaking on broadcaster RTÉ, Ossian Smyth said the attack "goes right to the core of the [health] system".

However, he also said that it was "not espionage".

Taoiseach (Irish PM) Micheál Martin said that he had consulted with cyber security experts and that the state would not be paying a ransom.

He said it would "take some days" to assess its impact.

"What's important is people cooperate with the HSE," he said, and added that emergency services remain open, and the vaccine programme continues uninterrupted.

'International attack'

The health service has temporarily shut down its IT system to protect it after the attack.

Mr Smyth, who is minister for public procurement and eGovernment, said it was an international attack.

He added: "These are cyber criminal gangs, looking for money.

"What they're attempting to do is to encrypt and lock away our data, and then to try to ransom it back to us for money."

The Health Service Executive (HSE) said it had taken the precaution of closing down its systems to further protect them and assess the situation.

Mr Smyth said the Irish government is "deploying everything" in its response.

"It's widespread. It is very significant, and possibly the most significant cybercrime attack on the Irish State."

The National Cyber Security Centre (NCSC) has said the HSE became aware of a significant ransomware attack on some of its systems in the early hours of Friday morning and the NCSC was informed of the issue and immediately activated its crisis response plan.

Ireland's Health Minister Stephen Donnelly said the incident was having "a severe impact on [the] health and social care services".

The BBC is not responsible for the content of external sites.View original tweet on Twitter

Emergency services continued, he said.

Anne O'Connor of the HSE told RTÉ on Friday afternoon that if "this continues to Monday, we will be in a very serious situation and we will be cancelling many services".

A number of hospitals in the Republic of Ireland are reporting disruption to services.

  • Dublin's Rotunda Hospital has cancelled outpatients visits, due to a "critical emergency", unless women are 36 weeks pregnant or later. All gynaecology clinics are cancelled. It said those with any urgent concerns should attend.
  • The National Maternity Hospital in Dublin also said there would be "significant disruption" to its services on Friday "due to a major IT issue".
  • St Columcille's Hospital in Dublin said some virtual appointments and matters related to electronic records were postponed.
  • Children's Health Ireland (CHI) at Crumlin Hospital advised people there were delays and all virtual/online appointments had been cancelled.
  • The UL Hospitals Group, which consists of six hospital sites in the midwest, said in a statement that "long delays are expected" for patients attending its services. It said emergency services are still operating and people with an outpatient appointment or scheduled procedure should attend unless they are contacted and "advised otherwise".

The HSE is tweeting about what services have been affected.

The BBC is not responsible for the content of external sites.View original tweet on Twitter

In a tweet, Mr Donnelly said his department is working to ensure the systems and information is protected.

He added that Covid-19 vaccinations and testing would proceed as normal.

'Significant and serious'

Earlier, HSE chief executive Paul Reid told RTÉ's Morning Ireland it is working to contain a sophisticated human-operated ransomware attack on its IT systems.

He said that the cyber attack was affecting all national and local systems involved in all core services.

The BBC is not responsible for the content of external sites.View original tweet on Twitter

Mr Reid said the attack is focused on accessing data stored on central servers.

He said it is a major incident, but that no ransom demand has been made at this stage.

Computer viruses that threaten to delete your files unless you pay a ransom are known as ransomware.

Image source, RTÉ
Image caption,
Dublin's Rotunda Hospital has taken the precaution of closing down its IT systems to further protect them

Like other computer viruses, it usually finds its way onto a device by exploiting a security hole in vulnerable software or by tricking somebody into installing it.

Rotunda Hospital Master Professor Fergal Malone said they had discovered during the night that they were victims of the ransomware attack, which is affecting all of its electronic systems and records.

Prof Malone said he believed it could also have affected other hospitals, which was why they had shut down all of their computer systems.

The BBC is not responsible for the content of external sites.View original tweet on Twitter

Prof Malone said all patients are safe and the hospital had contingency plans in place so it can function normally using a paper-based system.

He added that this would slow down the processing of patients, which is why the hospital was looking to limit the numbers attending appointments on Friday.

He said life-saving equipment was in operation and it was computers with healthcare records that have been affected.

The child and family agency, Tusla, said its IT systems are not operating as a result of the attack, as the agency is hosted on the HSE network.

It said any person wishing to make a referral about a child can do so by contacting the office in their area.

The HSE tweeted that the National Ambulance Service is "operating as per normal with no impact on emergency ambulance call handling and dispatch nationally".

'Zone of uncertainty'

Prof Seamus O'Reilly, oncologist at Cork University Hospital, said all of its computers had been switched off due to the cyber attack.

Prof O'Reilly said cancer care was time dependent on technology and the hospital is anxious to proceed with treatment.

Krysia Lynch, chair of the Association for the Improvement in Maternity Services in Ireland, said it was time to ask the HSE if they have patient records stored in a robust way and if they have proper cyber defences for this type of ransomware.