| 18.4°C Dublin

ransom demand Thousands of critically ill patients at risk following cyber-attack on HSE from hackers

International criminals demand ransom but Government insists it will not pay the hackers


(Stock image)

(Stock image)

(Stock image)

TENS of thousands of patients across the country risk having their life-saving treatment disrupted for days as the health service is crippled by an aggressive cyber attack.

It is feared it will be well into next week before the HSE is able to restore services after the cybercrime break-in.

The HSE confirmed that a Bitcoin ransom had been demanded by criminals that paralysed its computers but insisted it would not be paid.

Around 17,000 hospital patients a day, many ill with cancer and heart disease, will be affected.

Yesterday, patients needing radiotherapy and chemotherapy for cancer treatment had their hospital appointments cancelled.

Doctors were locked out of their computers from vital test results and essential patient data.

Cork oncologist Professor Seamus O'Reilly told the Herald that there will be an effect on patient care.

"It is extremely disruptive. For patients who are awaiting tests they cannot be done and for those who had them we cannot access the results," Prof O'Reilly said.

"Every computer we would have gone to has been shut down completely."

Outpatients in many hospitals have been cancelled on Monday, although people are advised to turn up unless they are contacted.

One of the most severely hit areas are diagnostic scans including X-rays, which will delay diagnosis.

The Rotunda maternity hospital in Dublin is cancelling certain outpatient clinics on Monday and Tuesday.

The fight against the pandemic also suffered a setback as GPs are unable to electronically refer people with symptoms of Covid-19 to testing centres.

The HSE is urging people to avail of testing centres and to self-isolate if they have symptoms.

Sunday World Newsletter

Sign up for the latest news and updates

This field is required This field is required

However, there will be a delay in getting test result.

Covid-19 vaccinations are going ahead today for people with appointments and the portal to register for a jab, which had been out of order, was reopened last night.

HSE chief clinical officer Dr Colm Henry said it will take a number of days before services are restored.

Taoiseach Micheál Martin said it had been made "very clear" that no ransom will be paid.

He declined to say who the "international criminals" behind the attack are.

"We're dealing with this in accordance with advice that we have received from cyber security experts," he said.

"I think we're very clear we're not going to be paying any ransom or engaging in any of that sort of stuff."

He said it is not yet clear if patient data had been compromised.

"People with the know-how are on this case."

"We have the people in place, the have the capacity and we have the systems in place to deal with this.

"The impact is something that has to be dealt with in a methodical way.

"It will take some days to assess the impact and that is the proper way to do this."

It comes as specialist gardaí are braced for more cyber attacks on the scale the HSE ransomware attack.

"This type of crime is the number one international threat at this time and is estimated that cyber crime will cost up to €5trn globally before the end of this year," a senior source said.

"It was only a matter of time before a cyber attack on this huge scale happened here and unfortunately all the indications are at there will be more to come."

The Garda National Cyber Crime Bureau (GNCCB) is working with other agencies in the National Cyber Security Centre (NCSC) in attempting to "manage" the situation.


A locked up out patients department at the Rotunda Hospital this morning, due to a  cyber attack on the Health Service Executive computer systems

A locked up out patients department at the Rotunda Hospital this morning, due to a cyber attack on the Health Service Executive computer systems

A locked up out patients department at the Rotunda Hospital this morning, due to a cyber attack on the Health Service Executive computer systems

However, gardaí have not yet launched a full investigation.

A "significant" ransom demand has been made to the HSE, which the Government says it will not pay.

"The situation at the moment can be best described as a fire and forensic cyber experts are attempting to contain the fire and these people can be described as firefighters," the senior source said.

"It is when the metaphorical fire is put out that gardaí will then fully get involved in this and the GNCCB will be the lead agency at that stage but at the moment the HSE is the lead agency."

Hospitals and other health services are having to revert to paper-based systems in a bid to maintain patient care but key data about essential areas around medical history is paralysed and not accessible in computers

The HSE said it hoped to meet as many appointments as possible but delays should be expected while hospitals move to manual or offline processes.

People are urged to attend A&E only in emergency situations but they are open to patients.

Referring to people with possible Covid-19, the HSE said that GPs cannot electronically refer them to a testing centre.

However, it said: "If you have Covid-19 you should still phone your GP. They may advise you to go to a Covid-19 walk-in centre.

"If you are a close contact you can also use a walk-in test centre."

It is suspected that the international hackers behind the cyber attack are "most likely" based in eastern Europe, possibly Russia, but they are "almost untraceable to law enforcement", according to sources.

"The prospect of the organised crime gang involved in this being caught is extremely remote," a source said.

"But this entire situation is also a no-win for them as there is no prospect that the State will pay up a ransom and there is the potential that this attack could lead to a lot of attention on them."

The ransomware known as Conti, which has been in existence since last May, may have had been embedded in the HSE's IT systems for a number of days before the cyber attack was discovered in the early hours of yesterday.

Conti has been used to attack more than 50 organisations in April 2021 alone and has been used to leak data stolen from hospitals internationally.

China is the greatest cybersecurity threat in the world today, followed by Russia, Iran and North Korea.

John Demers, the assistant attorney general at the US National Security Division, also warned that Ireland is a target for cybercriminals due to the large amount of data stored here.

"It is for this reason that it is not a huge surprise that something like this has happened here," the source said.

The nationwide ransomware attack may have been caused by something as simple as an employee clicking on a link in an email after the HSE's IT systems were compromised by the criminals.

Conti operates "double extortion" - it not only encrypts information, but it can also steal and threaten to expose it.

Download the Sunday World app

Now download the free app for all the latest Sunday World News, Crime, Irish Showbiz and Sport. Available on Apple and Android devices

Top Videos