Advertisement

Paul Reid says paying ransoms is 'a matter for Government' after HSE cyber attack

The CEO of the HSE Paul Reid has said it is not the responsibility of the health service to decid...
Marita Moloney
Marita Moloney

12.03 23 May 2021


Share this article


Paul Reid says paying ransoms...

Paul Reid says paying ransoms is 'a matter for Government' after HSE cyber attack

Marita Moloney
Marita Moloney

12.03 23 May 2021


Share this article


The CEO of the HSE Paul Reid has said it is not the responsibility of the health service to decide whether to pay ransoms to cyber criminals.

The hackers behind last week's cyber attack on the HSE are threatening to publish stolen patient information on the dark web if their ransom is not paid by tomorrow.

The Garda National Cyber Crime Bureau is monitoring underground websites in anticipation of the data being dumped.

Advertisement

Earlier this week, the health service also secured injunctions from the High Court preventing anyone from sharing the confidential files.

The Taoiseach said Ireland will “not be paying any ransom” to the hackers that compromised the HSE IT systems.

Speaking to On The Record with Gavan Reilly, Mr Reid said the issue of whether to hand over money to the hackers is a matter for the Government, not the health service.

Paul Reid says paying ransoms is 'a matter for Government' after HSE cyber attack

00:00:00 / 00:00:00

    

"We take patients' data and the protection of patients' data very seriously, that's why we secured one of the strongest High Court orders that can be achieved, and that applies to persons known or unknown who might publish or circulate data," he said.

"Can you imagine a lower form of crime than publishing data on sick people?

"In terms of ransoms or ransom payments, those are matters for Government and Government policy, I think we've heard Ministers and the Taoiseach repeatedly state very clearly Government policy.

He added that from the HSE's perspective, "investing in criminals just enhances the capacity of criminals further", and this would just be "a race to the bottom".

"Ultimately, of course, what we want to do is protect patients' data, this is a very serious issue and we know what the criminals have threatened to do and we're trying as best as we can to secure that data," Mr Reid said.

"But ultimately, decisions around paying ransoms are policy decisions for Government."

Hospital services

It comes as thousands of hospital appointments are set to be cancelled again next week following the cyber attack.

Meanwhile, a decryption key that could allow access to the locked files is being assessed this weekend.

The criminal gang gave the code to Irish authorities on Thursday, and the Government said it has not paid a ransom to get the key.

Mr Reid said it will take weeks to get the health service's IT systems back up and running, with the process slowly progressing.

The decryption tool "is helping", he stated, and while they are proceeding cautiously with how it is being introduced to some networks, "slow and steady" advances are being made.

"If you look at what we're doing right now, and getting the decryption key, it's not a switch back on the lights [situation] unfortunately, but it does help us," he explained.

"We have been in a process of restoring some systems, rebuilding some systems and renewing some others.

"The priority of systems and services that we're working through, what's key is our diagnostic tools, CTs, MRIs, x-rays, our labs across the county, patient administration systems, GPs, the network infrastructure that the HSE systems are built on.

"This will be a period of weeks before we work through the impact on all of the services and systems."

He said that some hospital systems "got to a better stage" over the weekend, meaning that many will have access to their radiology services and labs next week.

Looking to the days and weeks ahead, he believes that some hospitals back up and running within their bubble, so they'll have services within their hospital, but will not be able to share patient analysis across other hospitals.

Main image: Paul Reid, speaking at a media briefing on COVID-19 last year. Photo: Leon Farrell/Photocall Ireland.

Share this article


Read more about

HSE CEO Hse Hse Cyber Attack Paul Reid Ransomware Attack

Most Popular