Ireland Shuts Down Hospital Computer Systems Nationwide After Ransomware Attack

Ireland Shuts Down Hospital Computer Systems Nationwide After Ransomware Attack
File photo of the CEO of Ireland's Health Service Executive (HSE) Paul Reid (centre) and Chief of Staff of Ireland's Defence Forces, Vice Admiral Mark Mellett (left) with Irish Army cadets on March 13, 2020. (Photo: Paul Faith/AFP, Getty Images)

Ireland’s public health care system, known as the Health Service Executive or HSE, shut down all of its computer systems nationwide Friday after hospital administrators became aware of a cyberattack late Thursday.

The attack is being characterised as a ransomware hack, but it’s not yet clear if the hackers succeeded at acquiring enough data to hold hostage. Ransomware hackers will steal data that hasn’t been backed up sufficiently and refuse to return it until a certain amount of money has been paid, like in the Colonial Pipeline hack in the U.S. where nearly $US5 ($6) million was paid just yesterday.

“There is a significant ransomware attack on the HSE IT systems,” the HSE said in a statement posted to Twitter early Friday. “We have taken the precaution of shutting down all our our IT systems in order to protect them from this attack and to allow us fully assess the situation with our own security partners.”

All medical equipment at Ireland’s hospitals are reportedly still operational, according to the Irish Times, but registration and record-keeping have reverted to pen and paper. The nation’s ambulance service is also operating normally, according to the HSE, and covid-19 vaccinations are still taking place.

Ransomware hackers will also sometimes threaten to release sensitive information publicly, such as medical records, as another angle to make money. It’s not clear whether any patient records have been compromised.

Paul Reid, the CEO of HSE, told Irish radio that the attack was “significant” and they were working with the military as well as third-party experts on cybersecurity, according to the Irish Times.

“There has been no ransom demand at this stage. The key thing is to contain the issue,” said Reid.

Reid also said the perpetrators were an, “internationally operated criminal operation,” though didn’t go into specifics about who might be behind this attack on the Irish health system.

Fergal Malone, an administrator at the Rotunda Maternity Hospital in Dublin, told RTE Radio Ireland that his hospital was shutting down for everything deemed non-urgent and explained that doctors were currently unable to access the electronic records of patients. The radio host asked Malone when he expected the hospital would continue normal operations and he said they were simply taking it a day at a time.

“All appointment have been cancelled for today Friday 14th May. The only exception are for patients who are 36 weeks or over pregnant,” the Rotunda Hospital said in a statement to Ireland’s RSVP Live.

“Otherwise you are asked NOT to attend at the Rotunda unless it is an emergency. The Rotunda will issue updated information as soon as possible.”

Ireland’s HSE did not immediately respond to an inquiry emailed early Friday but Gizmodo will update this post if we hear back.