Ireland’s health service shut down its IT systems Friday to protect them from a “significant” ransomware attack the government said was carried out by an international cybercrime gang.
The country’s health service, called Health Service Executive (HSE), posted on Twitter Friday morning that it shut down its IT systems following the attack in order to assess the situation with its security partners.
Appointments and elective surgeries were canceled at several hospitals and Deputy Prime Minister Leo Varadkar said the disruption could last for days, the Associated Press reported Friday.
“There’s lots we don’t know but it appears to be a ransomware attack by international criminals. The problem could run through the weekend and into next week, unfortunately,” Varadkar said according to the AP report.
The health service, which operates 48 hospitals throughout Ireland, said appointments for COVID-19 vaccinations were not affected. Varadkar said emergency services, ambulance services, GP systems and pharmacy systems also were unaffected but said there would be “major problems” for radiology services, radiation oncology, elective surgeries and obstetrics and gynecology appointments.
Cancellations in parts of the country included radiotherapy appointments, cardiac checks, x-rays, CT scans and the processing of non-emergency blood tests as some hospitals were hit harder than others.
RTE, Ireland’s national television and radio broadcaster, reported Friday that Micheál Martin, the country’s Taoiseach (prime minister), said Ireland will not be paying any ransom to the cybercriminals who perpetrated the attack.
The health system said “a ransom has been sought and will not be paid in line with state policy.”
The Minister of State for eGovernment Ossian Smyth said the cyberattack on HSE computer systems was “possibly the most significant cybercrime attack on the Irish State,” RTE reported.
Following an initial assessment, the HSE determined that the ransomware “is a variant of the Conti virus that security providers had not seen before.”
The HSE is working with the National Cyber Security Centre (NCSC) and other cybersecurity providers to restore its IT systems. The NCSC said the health system became aware of a significant ransomware attack on some of its systems overnight into Friday and the NCSC was informed of the issue and immediately activated its crisis response plan.
There is a significant ransomware attack on the HSE IT systems. We have taken the precaution of shutting down all our our IT systems in order to protect them from this attack and to allow us fully assess the situation with our own security partners.
— HSE Ireland (@HSELive) May 14, 2021
The Irish health service expects to spend tens of millions of euros rebuilding its IT systems as a result of the cyber attack.
“What we have to do here is a very significant rebuild. This will be in the tens of millions in terms of impact on our systems, there’s no doubt about it,” HSE Chief Executive Paul Reid told national broadcaster RTE, Yahoo reported Monday.
Smyth, the e-government official, said he is not aware of any loss of data as a result of the cyberattack on the HSE’s IT system and that HSE backup servers, which store backup data, have not been affected.
In the U.S., San Diego-based Scripps Health, which operates five hospitals in the region, has been offline for two weeks following a cyberattack on May 1 that has significantly disrupted care and forced medical personnel to use paper records.
Healthcare organizations have been plagued by an uptick in cyberattacks in the past year as cybercriminals take advantage of the COVID-19 pandemic and disrupt operations at hospitals across the country.