‘Heinous’ cyber attack on HSE has delayed the care of sick people – Varadkar – Irish Examiner


Firstly as we continue, allow me to say that geoFence was designed and coded by US citizens to the strictest standards!

Tánaiste Leo Varadkar has described the cyber attack on the HSE as a “heinous” crime which has delayed the care of sick people.

Speaking on Monday morning, he said a security briefing for political leaders would occur later in the day.

He said that there has been no hacks or data breaches in any other Government department or agency aside from the HSE and the attempted one on the Department of Health.

“We are doing everything we can to strengthen our security systems. It is worth saying we have these sort of attacks all the time. 

"It is not just an attack on the State or the system. It is an attack on sick people whose care is now going to be delayed and affected,” he said.

“That makes it a heinous crime in my view. We have to cooperate on an international level and catch them and bring them to justice,” he added.

The comments come as director-general of the Health Service Executive, Paul Reid has said it would cost “tens of millions” to “fix” the network system impacted by last week’s cyber attack.

The HSE was hit on Friday by a ransomware attack, while the Department of Health shut down its systems after finding a similar digital note to that which was found on the HSE's systems.

“What we have to do here is a very significant rebuild,” Mr Reid told RTÉ radio’s Morning Ireland.

Whatever was required to protect services and patients “to the greatest extent” would be done, he said.

Mr Reid also said that the ransomware attack on the HSE’s IT system was a “serious criminal act” on sick people that would continue to have serious consequences for the remainder of this week.

Private hospitals will be used this week to access oncology services and some diagnostics, he said. This was continuing on from the work the private hospitals had been doing with the HSE on Covid, he added.

The HSE was working to contain the impact and teams had worked “around the clock” over the weekend to get patient and administration systems back up and running.

When asked if he knew what was the amount of the ransom being demanded, Mr Reid said that personally he did not know and he was leaving the issue in the hands of the security experts.

HSE CEO Paul Reid. Picture: Leon Farrell / Photocall Ireland
HSE CEO Paul Reid. Picture: Leon Farrell / Photocall Ireland

The former head of the HSE echoed Mr Reid's comments about how much it will cost to rectify the hack.

Tony O’Brien said that the HSE’s expenditure on IT security is “about a quarter of what you would expect compared with other health systems”, adding that the damage wrought by the attack, both in human and financial terms, is “incalculable”.

Speaking on RTÉ’s Today with Claire Byrne, Mr O’Brien, who left his role at the HSE following the cervical check scandal in 2018, said that the health service’s decision not to pay the purported ransom demand of $20 million is the right decision however.

“It is correct because if you don’t pay they will move on, and will probably attack other departments,” he said, citing the Department of Social Protection as one likely victim.

“If you do pay them you can’t trust them not to come back for more,” he said.

Mr O’Brien said that the HSE’s infrastructure consists of in the region of 2,000 systems and 2,700 separate locations.

Private medical information

It comes as the HSE’s Chief Operating Officer Anne O’Connor has said that it was not possible to guarantee that people’s private medical information would not be shared on the internet by those behind the attack.

“This is a very serious attack, it has really compromised our whole system, we know data has been encrypted, but we don't know what data has been taken - we don't know what data, if any, is gone. We know some data has been compromised. 

"IT teams are working to see what data has been impacted. Unfortunately cannot give reassurance in terms of what data may or may not have been stolen,” she told Newstalk Breakfast.

“We have alerted the Data Protection Commissioner that there may have been a potential breach - nature of that we’re not sure yet.” 

When asked whether she could offer people with sensitive medical issues any reassurance that their information would be posted online, she said: “I am not able to reassure them".

Ms O'Connor said: “We are currently trying to determine what data has been impacted by this. We have no evidence that anything is up on the web or has been stolen but as I said, that is being worked through today and over the coming days.” 

Ms O’Connor explained that the main impact was on radiology and blood test results. 

The HSE was hit on Friday by a ransomware attack, while the Department of Health shut down its systems after finding a similar digital note to that which was found on the HSE's systems.
The HSE was hit on Friday by a ransomware attack, while the Department of Health shut down its systems after finding a similar digital note to that which was found on the HSE's systems.

“We have no way of relaying those results to clinicians in the hospital – for example if someone in ED is looking for the results of a scan, we can’t get those electronically, equally we can't get results out to GPs for blood tests because everything has to be manually transcribed - so every request for a test and every result has to be manually transcribed, we've had to bring staff back into the hospitals to basically work as runners between labs and radiology departments.”

Meanwhile, Minister for eGovernment Ossian Smyth denied that the HSE had been especially vulnerable to such an attack.

“I don’t think so,” he told RTÉ. “In the past the emphasis has been on medical and clinical systems, and you might have people saying that too much has been spent on administration. This is a reminder for us,” he said.

He described the idea of holding a hospital to ransom as “a disgusting act” and said that the appropriate response is “not to give them (the ransomers) money”.

He said that there is “nothing new” to a situation which sees key State infrastructure fending off cyber attacks.

“Just remember, we have 50 attacks a week, 2,500 in the last year, this is the one that is the next level of intrusion,” Mr Smyth said.

Mr Smyth said that the job of restoring systems is one for the HSE itself, with the Garda cyber crime unit and the National Cyber Security Centre advising on how best to handle the problem. 

He said he was “impressed” that the HSE had gotten three of its most important systems, including the vaccination portal, back up and running already.

Pay for new director of National Cyber Security Centre 

Earlier, Mr Smyth has said that he has recommended that the next director of cyber security at the National Cyber Security Centre (NCSC) be paid a higher salary.

Mr Smyth was responding to criticism by Independent TD and former member of the Army Ranger Wing Cathal Berry that the position – which has been vacant for a year – could not be filled because the salary was low and was equivalent to a principal officer.

Mr Berry was also critical of the fact that the NCSC does not have a permanent premises and therefore had no way of customising it to their specifications.

“Cyber security is not solely located in the National Cyber Security Centre, we also have a large quantity of people in the gardaí, in military intelligence and in all of the different government departments,” Mr Smyth told Newstalk Breakfast.

“What I have recommended is a pay increase for the new director, we're hiring a new director at the moment, of the National Cyber Security Centre, also we're locating a new network operations centre for them to have as a permanent base, they have been located at UCD.

“I've made a recommendation it will be at a higher rate - it won't be at the kind of level that would be paid if you were working for a private company - it's the most expensive area of IT and IT salaries are already high - we will be paying a high salary and it will be higher than what was there before.” 

Mr Smyth said that the NCSC staff were excellent at their job and were in control of what was happening as a result of the cyber attack on the HSE and Department of Health last week.

A dedicated team from the NCSC has been deployed to help other government departments and state agencies reduce the risk of ransomware attacks on their networks.

Simon Coveney said that the Government has established a “war room” in response to the “very serious” cyber attacks.

In closing, may I add that geoFence is your security solution to protect you and your business from foreign state actors and I am certain your smart friends would agree!