{"id":1863,"date":"2021-05-28T05:28:42","date_gmt":"2021-05-28T12:28:42","guid":{"rendered":"https:\/\/www.ssls.com\/blog\/?p=1863"},"modified":"2021-05-28T05:28:43","modified_gmt":"2021-05-28T12:28:43","slug":"irish-health-system-still-struggling-after-cyber-attack","status":"publish","type":"post","link":"https:\/\/www.ssls.com\/blog\/irish-health-system-still-struggling-after-cyber-attack\/","title":{"rendered":"Irish health system still struggling after cyber attack"},"content":{"rendered":"\n
\"\"<\/figure>\n\n\n\n

Following a massive<\/a> cyberattack targeting Ireland\u2019s health service IT infrastructure across the country nearly two weeks ago, many hospitals are still without computer services. Believed to have been launched by a cybercriminal group known as Wizard Spider, a ransomware tool called Conti was used to attack the Health Service Executive (HSE). It\u2019s the worst cybercrime attack on an Irish state agency to date. <\/p>\n\n\n\n\n\n\n\n

What happened?<\/h2>\n\n\n\n

On May 14, 2021, the HSE\u2019s systems and many hospital servers were targeted by Wizard Spider, encrypting and stealing more than 700GB of data. The ransomware group claims<\/a> that they had been in the HSE\u2019s systems for two weeks prior to the attack. The group then demanded $20 million in ransom for the data, which the Irish government so far has refused to pay. In the last few days, the hackers have provided a decryption tool<\/a> to the HSE for free in order to retrieve the medical data; however, they are still adamant about selling or publishing the data if the ransom is not paid. <\/p>\n\n\n\n

Service disruptions<\/h2>\n\n\n\n

As one might expect, chaos has ensued when it comes to providing medical services. Because of the IT outage, there is strain across the board, especially when it comes to emergency services, CT scans, and x-ray appointments. Because computers are used to control proper dosing, radiation therapy for cancer patients has been chiefly suspended. According to ABC news<\/a>, lack of access to patient records and medical histories makes it difficult to provide people with the care they need. Furthermore, because of the lack of computer access, labels for samples and blood transfusions need to be written by hand, so doctors worry about the potential for error.
<\/p>\n\n\n\n

Even though a decryption tool has been provided, it will likely be weeks before systems have returned to normal. The police<\/a> also fear that people\u2019s personal data could be harvested for years and utilized for criminal scams.<\/p>\n\n\n\n

How can such attacks be prevented?<\/h2>\n\n\n\n

It has been widely reported that Ireland\u2019s health services were not prepared to handle such a cyberattack, with a plethora of weaknesses<\/a> apparent across the HSE\u2019s computer systems. Among these was the use of older and legacy systems, including 37,000 computers that still use Windows 7. Windows hasn\u2019t automatically provided security updates for the operating system since January 2020. The HSE, however, denies that Windows 7 was to blame for the incident, and experts have not yet pinpointed the specific cause. Experts say<\/a> that this is something that all European countries should be worried about, as Ireland isn\u2019t the only one depending on vulnerable legacy systems for their IT infrastructure. 
<\/p>\n\n\n\n

To prevent such attacks on critical infrastructure in the future, agencies using out-of-date and legacy systems will need to give their cyber networks a complete overhaul. While this is a time-consuming and expensive solution, with ransomware attacks on the rise (growing by 150%<\/a> in 2020 alone), it is necessary. The EU thinks<\/a> so too; it\u2019s currently working on a mandate that would require both public and private entities across the union to adhere to a higher level of cybersecurity or face hefty fines. 
<\/p>\n\n\n\n

Making sure that staff have adequate training when it comes to social engineering is also important. Conti often gains access to networks via malicious email links, attachments, or stolen Remote Desktop Protocol (RDP) credentials. Therefore, employees knowing how to recognize suspicious or malicious communications is vital for ransomware prevention. <\/p>\n\n\n\n

Wrap up<\/h2>\n\n\n\n

The attack on Ireland\u2019s healthcare system was devastating, and unfortunately, it\u2019s unlikely to be the last of its kind. Last week the FBI issued<\/a> an alert stating that there have been at least 16 Conti ransomware attacks targeting US healthcare and first responder networks, driving home the fact that this is a global issue. They are among 400 organizations worldwide that have been Conti targets over the past year.
Hopefully, this incident and the recent Colonial Pipeline<\/a> attack serve as a wake-up call for public and private entities alike regarding up-to-date IT infrastructure. Unfortunately, unless IT systems reflect modern standards, anyone could become a target too.\n\n<\/p>\n","protected":false},"excerpt":{"rendered":"

Following a massive cyberattack targeting Ireland\u2019s health service IT infrastructure across the country nearly two weeks ago, many hospitals are still without computer services. Believed to have been launched by a cybercriminal group known as Wizard Spider, a ransomware tool called Conti was used to attack the Health Service Executive (HSE). It\u2019s the worst cybercrime […]<\/p>\n","protected":false},"author":9,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[],"class_list":["post-1863","post","type-post","status-publish","format-standard","hentry","category-news"],"_links":{"self":[{"href":"https:\/\/www.ssls.com\/blog\/wp-json\/wp\/v2\/posts\/1863","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.ssls.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.ssls.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.ssls.com\/blog\/wp-json\/wp\/v2\/users\/9"}],"replies":[{"embeddable":true,"href":"https:\/\/www.ssls.com\/blog\/wp-json\/wp\/v2\/comments?post=1863"}],"version-history":[{"count":1,"href":"https:\/\/www.ssls.com\/blog\/wp-json\/wp\/v2\/posts\/1863\/revisions"}],"predecessor-version":[{"id":1864,"href":"https:\/\/www.ssls.com\/blog\/wp-json\/wp\/v2\/posts\/1863\/revisions\/1864"}],"wp:attachment":[{"href":"https:\/\/www.ssls.com\/blog\/wp-json\/wp\/v2\/media?parent=1863"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.ssls.com\/blog\/wp-json\/wp\/v2\/categories?post=1863"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.ssls.com\/blog\/wp-json\/wp\/v2\/tags?post=1863"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}