Irish Health Service hit by ransomware attack

HSE Reception entrance wall sign in English and Irish language
(Image credit: Shutterstock)

Ireland’s national health and social services provider, the Health Service Executive (HSE), has been forced to shut down its entire IT system following a ransomware attack.

The shutdown, which was done as a precaution, has led to outpatient medical appointments being postponed or cancelled.

However, HSE Chief Executive Paul Reid told Irish national broadcaster RTE that the country’s vaccination programme hadn’t been impacted by the cyber attack.

"The vaccination programme continues thankfully, it's a separate system,” he said.

Reid described the attack as “very sophisticated” and “not just the standard attack”.

Chief Executive of the HSE Paul Reid walking

(Image credit: Shutterstock)

“It is impacting all of our national and local systems that would be involved in all of our core services," he added. The perpetrator has not been named and HSE was not immediately available for comment.

The ransomware attack on HSE immediately drew comparisons to a similar incident that had affected its UK counterpart. Commenting on the news, Orange Cyberdefense UK director Stuart Reed said that the attack “comes almost exactly four years from the 12 May 2017 WannaCry ransomware attack on the NHS, which devastated services”.

The attack, which took place during the week between 12 and 18 May 2017, is thought to have affected over 200,000 computer systems across the world, disrupted the services of one-third of the UK's hospital trusts, and approximately 8% of GP clinics. It's believed that around 19,000 hospital appointments were cancelled as a result.


2021 state of email security report: Ransomware on the rise

Securing the enterprise in the COVID world


A subsequent investigation conducted by the Department of Health and Social Care found that the ransomware attack had cost the NHS an estimated total of £92 million, with the biggest cost being attributed to restoring its services to full operation and to the recovery of data.

With Reuters reporting that a Dublin hospital was forced to cancel all outpatient appointments apart from the most urgent cases, Reed said that “national critical services must ensure they have a well-defined incident response plan, should the worst happen, to ensure a continuation of vital services”.

“As ransomware attacks continue to gather momentum - this being the second in just one week, following the US Colonial Pipeline attack - hospitals and other critical services need to prioritise protecting themselves against these callous attacks, even on limited resources,” he added.

Sabina Weston

Having only graduated from City University in 2019, Sabina has already demonstrated her abilities as a keen writer and effective journalist. Currently a content writer for Drapers, Sabina spent a number of years writing for ITPro, specialising in networking and telecommunications, as well as charting the efforts of technology companies to improve their inclusion and diversity strategies, a topic close to her heart.

Sabina has also held a number of editorial roles at Harper's Bazaar, Cube Collective, and HighClouds.