The HSE is grappling with a ransomware cyberattack. Here’s why ransomware is so crippling.
The HSE, Tusla and at least one hospital (the Rotunda) have been hit by “aggressive” ransomware overnight.
It’s malicious code that locks you out of your computer system completely. It asks you to pay a ransom, almost always in cryptocurrency like Bitcoin, in exchange for the attack to stop.
The ransomware wipes all of your computer system’s data or the hackers release some of the data publicly. For a business or an institution -- the main targets of ransomware attacks -- that can be financially or reputationally crippling. In the case of a hospital, it could be disastrous for patient records and privacy.
Speaking on RTE’s Morning Ireland, HSE boss Paul Reid said that it hasn’t yet received a specific demand. But we know that the average ransom paid last year was almost €300,000, according to industry figures from researchers like Palo Alto Networks’ Unit 42.
Sometimes it doesn’t -- the attackers often get in in sneaky ways, like by compromising staff accounts through social interactions or ‘phishing’ emails that dupe people into hitting a link or unwittingly downloading the ransomware.
Security experts say that the best ultimate defence, other than vigilance and good daily IT routines, is to have proper, separate backups of the organisation’s data. This way, even if the data is wiped, it can be retrieved from the backup.
Speaking on Morning Ireland, Master of the Rotunda Professor Fergal Malone said that it was the ‘Conti’ ransomware variant. It is not know who is behind the attack, but most ransomware attacks are carried out by cybercriminals. The Conti ransomware attack is an especially pernicious form of ransomware as it sometimes include double extortion. According to the IT security firm Sophos, the criminal gang will sometimes demand a ransom for unlocking the victim’s IT system, while also leaking some stolen data. The gang then adds a second demand for more money in exchange for not leaking any further stolen data.
The criminals are likely betting that because health records are very sensitive, there’s a reasonable chance they’ll get paid.
No. Ransomware attacks are now a regular occurrence for Irish organisations. Last month, both the National College of Ireland and Technological University Dublin’s Tallaght’s campus were hit by ransomware attacks.