The bill for fixing network systems after a ransomware attack on Ireland’s health service will run into “tens of millions” of euros, says Paul Reid, CEO of the Health Service Executive (HSE).
“What we have to do here is a very significant rebuild,” he said. Around 85,000 HSE devices have been turned off as a precaution and 2,000 different IT systems are being cleared and assessed one-by-one by cyber security teams following the 14 May discovery of the attack.
It is likely to take several days to safely restore the network and all computers, according to authorities.
The HSE’s chief clinical officer Dr Colm Henry conceded the challenge to continue delivering care will increase at most hospitals as time goes on because much of modern healthcare is heavily reliant on IT systems.
Pinning the blame on an international cybercrime gang, the Irish government said: “It is aimed at nothing other than extorting money and those who carried it out have no concern for the severe impact on patients needing care or for the privacy of those whose private information has been stolen.
“These ransomware attacks are despicable crimes, most especially when they target critical health infrastructure and sensitive patient data. The significant disruption to health services is to be condemned, especially at this time.”
The Conti ransomware gang suspected of being behind the attack have reportedly demanded a $20m (€16.5m) payment from the HSE, offering to provide a decryptor and delete the stolen data in return.
Minister for Justice Heather Humphreys responded saying: “The government will not be paying any money. We will protect our citizens. We will not be blackmailed.”
In a statement the government also said: “Any public release by the criminals behind this attack of any stolen patient data is equally and utterly contemptible. There is a risk that the medical and other data of patients will be abused.”
Irish media reported the HSE’s chief operations officer Anne O’Connor as saying: “This is a very serious attack. It has really compromised our whole system. We know some data has been compromised. IT teams are working to see what data has been impacted. Unfortunately, we cannot give reassurance in terms of what data may or may not have been stolen,” she said.