Conti ransomware has waged back-to-back attacks on the Irish health sector. At first, they successfully attacked the Health Service Executive (HSE) for which they have demanded a huge ransom. Then, alongside this attack, the attackers also made a failed attempt at the Department of Health.
Irish Health Service Executive (HSE) Shut Down After Ransomware Attack
Recently, Conti ransomware made it to the news as they attacked Ireland’s Health Service Executive (HSE). The ransomware attack emerged as a huge blow as it caused the HSE to shut down its’ services.
As Paul Reid, Chief Executive HSE, told NewstalkFM, it’s a ‘sophisticated attack’ that fortunately didn’t affect the COVID-19 vaccination program.
Paul Reid says the major ransomware attack targeting the HSE is "quite sophisticated", while the COVID-19 vaccination programme isn't impacted as it's on a different system.@NTBreakfast pic.twitter.com/XXtzlzBQAV
— NewstalkFM (@NewstalkFM) May 14, 2021
Also, HSE confirmed that the incident didn’t impact the ambulances and contact tracing services. Whereas, HSE also continues to inform people of the COVID-19 test results via texts.
Besides, the facility has also set up an update page for the users to know the county-wise status of hospitals.
While, initially, the details remained somewhat veiled. However, Bleeping Computer has reported that the ransomware gang has demanded $20 million (precisely, $19,999,000) as ransom. The attackers claimed to have stolen over 700GB of unencrypted data. The breached information includes sensitive patient and employee details, payroll, financial statements, contracts, and more.
The Irish PM, however, has categorically refused to make such payments.
'We're very clear we will not be paying any ransom or engaging in any of that sort of stuff' Taoiseach @MichealMartinTD says of the ransomware attack on the HSE | Live blog: https://t.co/itscpwqdS7 pic.twitter.com/Pl4A4JNOST
— RTÉ News (@rtenews) May 14, 2021
Ireland’s Department of Health (DoH) Marginally Escaped Similar Attack
Shortly after the attack on HSE, the Conti ransomware gang also aimed at the Irish Department of Health.
However, it remained a failed attempt, as the National Cyber Security Centre (NCSC) stated in an advisory.
Malicious cyber activity was also detected on the Department of Health (DoH) network early on Friday morning (14th May 2021), however due to the deployment of tools during the investigation process, an attempt to execute ransomware was detected and stopped.
The attempt was thwarted as the NCSC, together with a third-party security provider swiftly detected the existence of Cobalt Strike Beacon – a RAT – on the Irish DoH network.
Once again, the attack didn’t affect the national vaccination program. Whereas, investigations also continue to monitor any potential risks.