Irish Health Service Shut Down By Ransomware Attack

Ransomware

The Irish Health Service shuttered its computer systems Friday following what it called a “significant” ransomware attack.

According to CNBC, the service shut down its systems as a precaution while it assessed the attack with its security partners.

The attack did not affect Ireland’s COVID-19 vaccination program. Appointments will proceed as scheduled, although the vaccine registration portal was taken offline, and doctors can’t refer people for tests, which means patients must use walk-in centers.

“It’s very sophisticated,” said Paul Reid, the service’s chief executive. “It is impacting all of our national and indeed local systems that would be involved in all of our core services.”

“We did become aware of it during the night and we’ve been obviously acting on it straight away. The major priority is obviously to contain this. But it is what we would call a human-operated ransomware attack where they would seek to get access to data.”

Ransomware is malicious software that blocks users from their computer systems. It gets its name from the payment hackers demand — usually in the form of cryptocurrency — before they will restore access.

Peter Carthew of the security firm Proofpoint told CNBC that healthcare organizations are a prime target for these attacks.

“They would have the highest motivation to pay up to restore systems quickly,” Carthew said.

This attack is part of a recent wave of ransomware incidents, most notably the Colonial Pipeline shutdown, which led to gas shortages throughout the south this week. The pipeline supplies 45 percent of the fuel for the east coast.

As PYMNTS noted earlier this week, these attacks are becoming more frequent and the price of falling victim to ransomware is going up. The average ransom paid in the U.S. has multiplied by three to more than $310,000.

For a closer look at  the world of ransomware, read our report from May 12.