Ireland’s Health Service Executive takes servers offline to protect systems
Ireland’s Health Service Executive (HSE) has suffered a crippling ransomware attack. The cyber attack has impacted all HSE’s national and local IT systems. All servers have been taken offline to protect sensitive data.
Emergency services and the COVID-19 vaccination program are still operating. Most routine services are delayed.
HSE Chief Operations Officer Anne O’Connor became aware of the attack at 4:00 AM on Saturday, 15 May.
The cyber attack involves “zero-day threat with a brand new variant of the Conti ransomware,” according to O’Connor.
No personal information is believed to have been compromised however HSE does not know how Conti malware was able to compromise HSE’s IT systems.
Ransom demands are reportedly set at$20 million USD.
“We’re very clear we will not be paying any ransom or engaging in any of that sort of stuff,” Prime Minister of Ireland Taoiseach Micheál Martin said in a statement.
What is ransomware?
Ransomware is a type of unwanted and malicious computer code. It is used by cybercriminals to attack and encrypt computers, peripherals, and entire IT network. Ransomware attackers take control of the computers and block access to the rightful owners until their ransom demands are met.
Typically, they are looking for money to restore access to the encrypted files and restore access to the computers.
There is never a guarantee that paying a ransom or demand will restore access to hijacked data or networks.
What is a zero-day threat?
A zero-day threat is a security vulnerability that has not yet been discovered by cyber security researchers. That means no update or patch has been developed to mitigate the vulnerability. The first day of security bug is found is referred to as day zero.
HSE has stated that it will be a number of days until systems are operating normally. They are working with the National Cyber Security Centre (NCSC), An Garda Síochán, as well as third-party security experts to mitigate the attack.
Taoiseach Micheál Martin has said it will “take some days” to assess the impact of the cyber attack on the Health Service Executive’s IT system.
How to Protect Your Computer or Phone from Ransomware
- Use a strong and unique password for every online account. The average person has hundreds of online accounts including loyalty programs, banking, credit cards, social media as well as work logins. If you can’t create and remember a unique password for each one, then use a password manager to store them for you.
- Keep all devices – phones, tablets, computers, laptops up to date with the latest software. The infamous WannaCry ransomware attack that infected hundreds of thousands of computers across Europe compromised unpatched Microsoft Windows machines. Microsoft had developed a fix for the security vulnerability months earlier. No up-to-date machines were affected.
- If you are still running a Windows 7 computer, then it’s time to upgrade to Windows 10 or switch to a new machine. Microsoft is no longer issuing security fixes for Windows 7 and these systems are a target for hackers
- Use an antivirus program to scan incoming emails and protect your computer or phone from malware and malicious websites. Hackers often launch ransomware campaigns through phishing attacks sent to work emails or in the form of text messages.