HSE cyber attack: Full impact may take days to assess but COVID-19 vaccines continue

The full impact of the cyber attack on the HSE's IT system will not be known for a number of days...

08.51 15 May 2021

Share this article

HSE cyber attack: Full impact...

HSE cyber attack: Full impact may take days to assess but COVID-19 vaccines continue


08.51 15 May 2021

Share this article

The full impact of the cyber attack on the HSE's IT system will not be known for a number of days.

An assessment is under way and the health service is liaising with Gardaí and the National Cyber Security Centre.

The HSE said today that it is making headway as it attempts to rebuild its IT systems following some further progress last night.


However, it added that the rebuild will be a slow and methodical process.

A ransomware attack involves hackers gaining access to an entities data and threatening to publish it or encrypt it unless a 'ransom' is paid.

The Taoiseach said Ireland will “not be paying any ransom” to the hackers that compromised the HSE IT systems yesterday morning.

A demand for money has been issued but Micheál Martin said the country would be "very clear" in deciding not to pay any money to the group responsible for the attack.

COVID-19 vaccination appointments are going ahead as normal, while the portal to register for a vaccine was back up and running as of last night.

There are delays to the testing and tracing programme, however, while the daily COVID-19 figures will not be released today, rather they will be backdated and published when possible.

The Chief Medical Officer, Dr Tony Holohan, said the cyber attack on the HSE won't stop the nation's fight against the virus and added that the public's best response is to keep on protecting themselves.

Speaking to Newstalk Breakfast with Susan Keogh, Ronan Murphy, CEO of SmartTech247, described the attack as "extremely substantial" and coming at a time that couldn't be worse for a national health service.

Cyber attack The Health Service Executive (HSE) sign at the organisation's HQ in Kildare. Photo: Eamonn Farrell/Photocall Ireland.

"It's very disruptive, it's very significant, and I think the fallout from it is going to be quite profound," he said.

He explained that the group believed to be behind the ransomware attack are based in Russia and have been around for years, and have had a lot of success in launching attacks on organsiations' IT systems.

"They're a little bit more sophisticated than your typical ransomware gang insofar as they put a bit more effort into the targeting of their victims as opposed to randomly trying to shoot fish in a barrel," he said.

"They're quite a sophisticated and well-organised syndicate."

Mr Murphy added that organisations like the HSE face a dilemma when deciding whether to pay a ransom.

"First and foremost, I'm an advocate of you do not pay, when you do pay you're giving money to organised criminals and you're fuelling their organisation to go on and do further hacks on organisations around the world," he said.

"But it is a very complex conundrum that you find yourself in when you're a victim of this and there are many moving parts you have to consider.

"If I were having this conversation a number of months ago, I would have said the typical precautionary steps that you take to protect yourself is you have a backup of your data and you encrypt your data to restore it.

"Unfortunately, the evolution of these gangs means now they're not only encrypting your data, they're also exfiltrating your data, meaning they're taking a copy of it."

File photo. Credit: Frank Rumpenhorst/dpa

Mr Murphy said that while he was not claiming that this is what happened with the HSE, when such an attack happens, these groups can take and encrypt your data and then make it public if you don't pay.

He continued: "The question you have to debate and decide on, 'OK we have to get our systems back up and running and if everything is encrypted, there's a protracted timeline to reestablish our systems and get them working and there's a cost associated with that'.

"Secondly, if they have large repositories of our data and they're going to dump that data publicly, what's the expense and cost of that.

"They're two very important questions that have to be asked and again, I'm an advocate that you don't pay but you are starting to see, unfortunately, that a lot of organisations, including the Colonial Pipeline in the US last week, who do pay."

Main image: The vaccination centre entrance outside the Helix in Dublin. Photo Leon Farrell/

Share this article

Read more about

Covid-19 Covid-19 Vaccines Hse Hse Cyber Attack Hse Ransomware Attack Ransomware

Most Popular