Ireland's health service hit by ransomware attack by 'international criminals'

Hospitals affected by attack forcing computers to shut down

Annie Lynch (R), the first person to receive the Pfizer BioNTech Covid-19 vaccine in Ireland receives her second dose of the vaccine from vaccinator Deborah Cross (L) at St James’s Hospital in Dublin on January 19, 2021.  / AFP / POOL / Marc O'SULLIVAN

Ireland’s health service said it was under a ransomware attack on Friday that shut down computer systems and disrupted hospitals.

A ransomware attack locks users out of their computers until they pay a fee to the intruder.

The Irish attack was blamed on international criminals and was said to be targeting healthcare records.

Appointments and elective surgeries were cancelled at several hospitals and Deputy Prime Minister Leo Varadkar said the disruption could last for days.

“There’s lots we don’t know but it appears to be a ransomware attack by international criminals,” Mr Varadkar said.

“The problem could run through the weekend and into next week, unfortunately.”

Ireland's Health Service Executive warned of delays in receiving Covid-19 test results, but said that vaccinations would go ahead as planned.

It said patients should expect delays while hospital staff switched to manual systems.

Health service staff were told to keep their computers switched off. 
HSE chief executive Paul Reid said the attack was "an internationally operated criminal operation". The authority was working with police and the army, he said.

"We are at the very early stages of fully understanding the threat," he told Irish broadcaster RTE.

The Rotunda maternity hospital in Dublin said it was admitting only emergency cases and women who were at least 36 weeks pregnant.

Hospital chief Fergal Malone said the attack targeted computers storing patient records.

Life-saving equipment was still working and the hospital switched to backup paper records, he said.

"But obviously throughput will be much slower," he said. He urged outpatients with routine appointments to stay away.

Such routine appointments at three hospitals in the St Luke's Radiation Oncology Network were cancelled because of the attack.

At Cork University Hospital, staff arrived to find their IT systems paralysed with all computers switched off.

The HSE said X-ray appointments across the health service were severely affected.

It said the ambulance service was operating as normal with emergency call handling unaffected.

A similar attack hit Britain's National Health Service in 2017 and was blamed on North Korea.

Health services were disrupted by the WannaCry software, which affected more than a third of England’s NHS trusts.

A report found that no NHS organisation paid the ransom, but the attack could have been avoided by following IT security best practice.

Last week, a ransomware attack shut down an oil pipeline in the US, leading to fuel shortages across eastern states for almost a week.