Last Updated:

'Human-operated' Ransomware Attack Disrupts Ireland's Health Services, IT Systems Shut

We have taken the precaution of shutting down all our IT systems in order to protect them from attack and to allow us fully assess situation," Ireland HSE said.


(Image Credit: Unsplash/Representative Image)

Ireland’s state health services providers shut down their IT systems and halted all medical appointments amid the COVID-19 pandemic due to an unidentified  “ransomware attack,” the head of the Health Service Executive (HSE) announced in an update. “There is a significant ransomware attack on the HSE IT systems,” Ireland’s health state health provider said on Twitter. “We have taken the precaution of shutting down all our IT systems in order to protect them from this attack and to allow us to fully assess the situation with our own security partners,” it revealed. Furthermore, the HSE said that while the sudden disruption of its services has caused inconvenience in booking future appointments, most healthcare facilities were going ahead as planned, including the COVID-19 vaccination appointments. 

“If you already have an appointment for a COVID-19 test, this will go ahead today. You should attend the test centre in your appointment as planned,” The Irish Health Service Executive said in an official release.

The hospitals, however, cancelled all outpatient appointments due to the cyberattack. Sources at HSE told tech-based news outlet, The Register, that authorities have reported a "human-operated" Conti ransomware attack. While the local Irish public service broadcaster RTÉ said, that the hospitals shut down their servers immediately as a precautionary measure, which included the oncology departments and the maternity department at Dublin's Rotunda Hospital. "The maternity hospital said all outpatient visits are cancelled - unless expectant mothers are 36 weeks pregnant or later," RTÉ aired a broadcast, adding that all gynaecology clinics “are also cancelled today.”

'Human-operated' ransomware

Chief of the Rotunda Hospital and a senior HSE bod told the local Irish press that the HSE apologises for the inconvenience to patients and to the public due to abrupt obstruction in medical services. Paul Reid, HSE chief exec, told Ireland's Newstalk FM radio station that the "human-operated" ransomware appeared to be the Conti strain. University of South Florida, US cited the VMware Carbon Black Threat Analysis Unit as describing the Conti ransomware “controlled by an adversary rather than executed automatically.”

It said, Conti “human operators” breach a network and laterally progress to gain the domain access and admin credentials for admin privileges. All COVID-19 vaccinations, as a security measure, were taken offline in Ireland. HSE’s chief executive, Paul Reid, told RTE Radio 1 that the ransomware “is very sophisticated”, and has the potential of compromising “all of national systems” involved in core services. 

First Published: