Irish Health Service Suffers ‘Significant’ Ransomware Attack

The Health Service Executive first noticed the attack early this Friday morning. Multiple hospitals are seeing delays.
Adam Rowe

The Irish health service has taken down its IT system temporarily to protect it following a “significant” ransomware hack. Health and social care services are deeply impacted.

It's the latest in the ongoing threat of attack from ransomware, the term for malicious software that locks up sensitive data, bringing essential organizations to their knees until a ransom is paid.

The Effect of the Ransomware Attack

The Health Service Executive first noticed the attack early this Friday morning, immediately informing the National Cyber Security Centre (NCSC) and beginning its crisis response.

As a result, hospitals around the Republic of Ireland are being disrupted. Dublin's Rotunda Hospital has cancelled outpatients visits, citing a “critical emergency,” the BBC reports, while National Maternity Hospital in Dublin has announced a “significant disruption.” St Columcille's Hospital and Children's Health Ireland at Crumlin Hospital have also postponed and delayed appointments.

Thankfully, COVID-19 testing and vaccinations are continuing on schedule, according to a tweet from Minister for Health Stephen Donnelly. Still, the impact of this cyberattack is already serious due to the nature of the services being slowed.

How the Ransomware Works

While it's still too early for much clarity around the situation, the HSE chief executive has said the type of software used was Conti ransomware.

Conti first appeared in late 2019 and was responsible for 13% of ransomware incidents across 2020, according to Kaspersky. This type of software works on a “double extortion” model, both locking victims out of the network and its data while also stealing the data to be publically released if the ransom isn't paid.

Office macros are a common entry point. Hopefully Microsoft has software updates in the works to address this particular ransomware, as standard precautions like password managers and VPNs won't stop future attacks.

Ransomware Attacks Remain a Major Issue

It's reminiscent of a ransomware attack in the US from late last week, one which resulted in the multi-day shut down of Colonial Pipeline, the largest oil pipeline in the nation.

In that case, Colonial paid the roughly $5 million ransom in cryptocurrency just hours after the attack, but the hackers were slow to fix the issue anyway, as their decrypting tool turned out to be sluggish.

There's one difference between these two cases: The Colonial ransomware attack was carried by a group called DarkSide, which claims to never attack medical services or facilities, while the Conti group clearly doesn't have any moral qualms about it.

As businesses continue adapting new software and upgrading hardware, we'll continue seeing new types of malware attacks. Those operating in a flexible or entirely remote workforce will need the best remote access software available to cope. And, it seems, not even the medical industry is safe.

Did you find this article helpful? Click on one of the following buttons
We're so happy you liked! Get more delivered to your inbox just like it.

We're sorry this article didn't help you today – we welcome feedback, so if there's any way you feel we could improve our content, please email us at contact@tech.co

Adam is a writer at Tech.co and has worked as a tech writer, blogger and copy editor for the last decade. He's also a Forbes Contributor on the publishing industry (and Digital Book World 2018 award finalist) and has appeared in publications including Popular Mechanics and IDG Connect. When not glued to TechMeme, he loves obsessing over 1970s sci-fi art.

Explore More See all news
close Thinking about your online privacy? NordVPN is Tech.co's top-rated VPN service See Deals