Gardaí investigating the cyber attack on the HSE say they have seized 'several' websites used in ransomware attacks.
The Garda National Cyber Crime Bureau (GNCCB) says it carried out a "significant disruption operation", which targeted the IT infrastructure of a cyber crime group.
Gardaí say the seizure of these domains has directly prevented a large number of further ransomware attacks across the world.
"GNCCB have subsequently deployed a 'splash screen' onto the seized domains in order to notify any potential victims of the likelihood that their system has become compromised by ransomware.
"This will enable them to take appropriate security measures", Gardaí say.
The 'splash screen' used by Gardaí on the seized websites. Picture by: An Garda SíochánaA process is also underway between An Garda Síochána, Europol and Interpol to provide details of the URLs to member countries, to ensure that infected systems are decontaminated.
Gardaí say to date, a total of 753 attempts were made by ICT systems across the world to connect to the seized domains.
In each instance, the seizure of them by the GNCCB likely prevented a ransomware attack on the connecting system - by rendering the malware deployed on the victims system as ineffective.
Following the cyber attack on the HSE in May, data of around 520 patients emerged online.
While the Russian ambassador to Ireland, Yury Filatov, said his country had offered to conduct a joint investigation.
He said he had no way of judging who was behind the attack – but noted that Russia is targeted by hackers "on a daily basis."
He said Russia had a "real interest in promoting international cooperation" on cybercrime and was offering to investigate the attack jointly.
