'Significant' ransomware attack forces Ireland's health service to shut down IT systems

IT systems for Ireland's health service have been taken offline as a "precaution" and some outpatient appointments have been cancelled.

Ransomware and hospitals: Why cyber criminals are targeting healthcare during coronavirus and how to stop them

Ireland's health service has taken all of its IT systems offline as a precaution after what the organisation describes as a "significant" ransomware attack.

The Health Service Executive (HSE), which is responsible for healthcare and social services across all of Ireland, said it had shut down all IT systems as a "precaution" in order to protect the network from a ransomware attack.

"There is a significant ransomware attack on the HSE IT systems. We have taken the precaution of shutting down all our IT systems in order to protect them from this attack and to allow us fully assess the situation with our own security partners," HSE said on Twitter.

"We apologise for inconvenience caused to patients and to the public and will give further information as it becomes available."

SEE: Network security policy (TechRepublic Premium)

HSE said Ireland's COVID-19 vaccination programme is not affected by the ransomware incident and the National Ambulance Service is operating as normal.

Some outpatient appointments are being cancelled because of the cyberattack – Rotunda Hospital Dublin, which provides maternity, neonatal and gynaecology care, said that unless women are 36 weeks pregnant or later, "Due to a serious IT issue all outpatient visits are cancelled today".

Ransomware is a form of malware that cyber criminals use to encrypt networks then demand a payment – often in Bitcoin – in exchange for the decryption key. Ransom demands can reach millions of dollars.

It's currently not known what variant of ransomware has attacked HSE or how it infiltrated the network, but Paul Reid, chief executive of the HSE, has said the health service is working with the defence forces, the gardaí – the Irish police – and third-party cybersecurity experts in response to the attack.

SEE: Ransomware just got very real. And it's likely to get worse

According to The Irish Times, Reid told RTÉ's Morning Ireland that the attack was "significant" and "human operated", but that no ransom demand had yet to be received. 

"There has been no ransom demand at this stage. The key thing is to contain the issue," he said.

The ransomware attack against HSE comes in the same week that a ransomware gang walked away with almost $5m in Bitcoin after a successful ransomware attack targeting Colonial Pipeline, one of the largest pipeline operators in the United States.

MORE ON CYBERSECURITY