Ransomware attack downs systems for health service in Ireland 

A ransomware attack has caused widespread disruption this morning – forcing the cancellation of outpatient appointments – for Ireland’s health service.

The cyber incident forced the Health Service Executive to take its systems offline to protect them from further harm, the national body said.

State broadcaster RTÉ said Dublin’s Rotunda Hospital has cancelled ‘most’ of its outpatient visits on Friday, with all gynaecology clinics suspended.

Health bosses urged only those with the most urgent concerns to attend with the maternity unit also cancelling visits to anyone except women who are 36 weeks pregnant or later.

In a statement posted on Twitter the HSE said: “There is a significant ransomware attack on the HSE IT systems. We have taken the precaution of shutting down all our our IT systems in order to protect them from this attack and to allow us fully assess the situation with our own security partners.

“We apologise for inconvenience caused to patients and to the public and will give further information as it becomes available. Vaccinations not effected [sic] are going ahead as planned.

The National Ambulance Service are operating as per normal with no impact on emergency ambulance call handling and dispatch nationally.

HSE chief executive Paul Reid told RTÉ’s Morning Ireland that it is working to contain a sophisticated ‘human-operated ransomware attack’ on its IT systems.

He said that the cyber attack was having an impact on all national and local systems involved in all core services.

Reid said the health service is working with the gardaí, the national police service, the defence forces and third party cyber security experts to respond to the cyber attack, adding that it was an “an internationally operated criminal operation”.

He said: “It’s a very sophisticated attack. It is impacting all of our local and national systems that would be involved in all of our core services. We did become aware of it during the night and obviously we acted on it straightaway; the immediate priority is to contain it but it is what we call a human-operated ransomware attack where they would seek to get access to data and seek a ransom for it.

“We’ve taken the precautionary measure to shut down a lot of our major systems to protect them.”

Reid said that most of the effects appeared to be on the shared IT networks used for holding and transferring patient data between systems, rather than patient critical services – such as intensive care and life support – which operate largely on standalone infrastructure.

Deryck Mitchelson, ‎director of national digital and information security at ‎NHS National Services Scotland (NSS), said the organisation was aware of the incident and was ‘aligned with’ National Cyber Security Centre (NCSC) ‘discussions’. Mitchelson said there was no evidence the ransomware attack was targeted so far, and that the focus for IT systems across the NHS in Scotland was on cyber hygiene, and specifically on incident response, patch management, anti virus and anti malware, vulnerability management, resilient backup strategy and education.