Cyberthreat healthcare alert came months before HSE hit by hackers
The National Cyber Security Centre warned of potential ransomware attacks on the health service in October 2020, more than four months before the Health Service Executive was targeted by hackers, it has been revealed.
The health service was hit by a massive cyberattack earlier this year which caused chaos in hospitals, delayed patient care and and led to expected costs of almost €100 million.
A malicious file attached to a phishing email opened on March 18th led to a shutdown of the HSE’s computer systems once the Conti ransomware was “denotated” on May 14th.
The criminal gang behind the attack – believed by several observers to be most likely based in Russia – demanded $20 million (€17.7 billion) in Bitcoin.
The Government said no ransom would be paid and on May 20th the hackers posted a link to a key that decrypted files which had been encrypted by the ransomware.
Minister of State for eGovernment Ossian Smyth said he still does not know why the gang provided the decryption key, but suggested “there was a lot of pressure which they would not be used to”. Mr Smyth said he was told that gardaí believed the attackers were based in seven different jurisdictions.
The Green Party Minister also said that unlike the risk for private hospitals that had been hit by ransomware attacks, “the HSE was not going to go out of business. So those threats were not going to work. I think at some point they figured out that that combination of the world’s law enforcement and military intelligence pointing at them, while not getting any money, it was time to move on to another target.”
He said it was not like targeting an insurance company, adding that in those cases “you’re not going to find the…