Ireland will not pay ransom after health service cyber attack – Taoiseach
Ireland will not pay any ransom after a cyber attack on the health service, the Taoiseach has said.
A ransomware attack closed down the state’s IT services.
The HSE said on Twitter that the temporary shutdown was a “precaution”.
On Friday evening, Micheal Martin said officials are dealing with the matter “methodically”.
“We had the people in place, we had the capacity and we had the systems in place to deal with this and we’re dealing with it methodically from the outset,” he said.
“This is something that has to be dealt with in a methodical way. The system has been shut down. There’s an assessment under way, identification of the issues and other processes.
“It will take some days to assess the impact and that is the proper way to do this and we will make those assessments over time. What’s important is people co-operate with the HSE, emergency services are open, the vaccination programme continues uninterrupted.
“At this stage we are dealing with this in accordance with the advice we’ve received from cyber security experts and I think we’re very clear we will not be paying any ransom.
“The work continues by the experts.”
Earlier Tanaiste Leo Varadkar said the attack could affect systems throughout the weekend and into next week.
He said: “It’s coming at a time when the health service is extremely busy doing lots of other things.
“It’s going to be a very difficult time for the health service.
“I spoke to the HSE this morning and also Eamon Ryan, the minister responsible for cyber security.
“It is a situation that’s still evolving.
“There’s lots we don’t know but it appears to be a ransomware attack by international criminals.
“The problem could run through the weekend and into next week, unfortunately.”
Mr Varadkar said emergency services, ambulance services, GP systems and pharmacy systems are not affected.
But he said there will be “major problems” relating to radiology services, radiation oncology, elective surgeries, and obstetrics and gynaecology appointments.
Mr Varadkar added: “The advice that we’re giving people is that, if you have an appointment, to keep that appointment.
“Don’t contact us, we’ll contact you and let you know.”
Chief medical officer Dr Tony Holohan said the issue had extended to the Department of Health, with staff left unable to access emails.
He said the ability to arrange testing would be compromised, but reiterated the need to stick to the public health advice on washing hands, mask wearing and social distancing.
He said: “Let’s not let it distract us from the basic public health messages. People can still come for testing.
“The HSE is putting in place arrangements whereby the referral process, having been interrupted from GPs, can come directly to walk-in centres to be tested.”
He added: “It interrupts our ability to be able to efficiently for example, organise testing and refer or to generate information and put that back in.
“So I don’t know when that’s going to be resolved.
“I’m not in any position to make a guess as to how long that’s going to take.
“That’s going to impede our ability to know the total number of cases that might arise over the course of a day.”
The attack was discovered overnight and has affected all of the HSE’s national and local systems, chief executive Paul Reid said.
Systems for GP and close-contact Covid-19 test referrals are among the services affected.
The online system for making child protection referrals to the child and family agency, Tusla, is also down.
Mr Reid said people with outpatient appointments in other hospitals should still attend “unless and until” they hear otherwise from the HSE.
In addition, the Covid-19 vaccination programme has not been affected and people are urged to attend and book appointments as normal.
Mr Reid said: “We have been the subject of a very significant, major ransomware attack.
“It’s a very sophisticated attack. It is impacting all of our national and local systems that would be involved in all of our core services.
“We did become aware of it during the night and have been acting on it straight away. The immediate priority is obviously to contain this.”
Mr Reid told RTE’s Morning Ireland the health service was hit by a “human operated ransomware attack”, where hackers gain access to data and then seek a ransom for it.
He said no ransom demands have yet been received.
The HSE shut down many of its major systems as a precautionary measure and is being supported by national cyber security teams, including gardai, the defence forces and third party support teams.
“As the morning progresses we’ll get greater clarity on the issue and greater clarity of the impacts and greater clarity of next steps we are taking,” Mr Reid added.
He said the coronavirus vaccination programme is unaffected.
“I do want to reassure everybody this morning that the vaccination programme continues.
“It’s not impacted,” he said.
“So everybody should still come forward.”
He added that life-saving equipment, such as that used in intensive care units, has also not been affected.
“This is more or less information technology systems and transferring information across networks,” he said.