The head of the Irish Health Services (HSE) warns they are at risk of further disruption for months as they continue to recover from a ransomware attack. The HSE, responsible for healthcare and social services across the Republic of Ireland, was the victim of a “major” ransomware attack on May 14.
The attack was attributed to the Conti ransomware group. Cybercriminals provided the HSE with a free decryption tool, but threatened to publish the information stolen in the attack – which could constitute a violation of patient privacy – if the ransom demanded, of $ 20 million in bitcoins, is not paid. However, the HSE is committed not to give in to blackmail.
A slow and complex process
But, even with the right decryption key, network restoration is a slow and arduous task for the HSE. Health services across Ireland remain disrupted as hospitals attempt to treat patients despite limited IT services and no internet access, which means appointments are still delayed or canceled.
“The process of restoration, and the exercise of due diligence that goes with it, necessarily takes time. While we can effectively decipher the data, this is only one piece. Malware also needs to be eradicated, ”said Paul Reid, Managing Director of HSE, to the National Parliament’s Joint Committee (Oireachtas) on Health.
“Decryption takes much longer than the original encryption, and malware eradication involves additional work to ensure that perpetrators have no path back into our systems,” he says. .
Financial and human costs
Paul Reid says the HSE has decrypted 75% of its servers, and 70% of end-user devices are now accessible to staff. However, disruptions to patient services are expected to continue for some time, although IT staff, cybersecurity experts and the Irish Defense Force are working seven days a week to restore the network to a fully operational state.
“The damage caused by this cyberattack should not be underestimated. There are certainly financial costs, but there will unfortunately also be human costs, ”laments the Director General of HSE. “I assure the members and the public that we are doing everything possible to restore the systems. I should also warn you that it will probably be months before systems are fully restored. “
The HSE warns that emergency departments are very busy due to computer outages and significant delays are to be expected, while many X-ray appointments are canceled.
A permanent risk for organizations
Essential and urgent services, including the Covid-19 vaccination, are functioning, but patients are warned they could experience delays as “systems are not functioning as usual” due to “critical IT systems” still out of service as a result of the ransomware attack.
Paul Reid told the committee that following the ransomware attack, “important lessons will be learned about what additional protections can be put in place,” and that the fact that the ransomware attack occurred means that ‘there were “obvious vulnerabilities” in the network.
It also warns that the ransomware and “highly skilled criminal organizations” behind ransomware attacks pose a significant risk to all organizations. “The whole world needs to improve its strategy,” he adds.
Source : ZDNet.com
–
