Irish Health Service Shut IT Systems to Block ‘Significant Ransomware Attack’

May 14, 2021 Updated: May 14, 2021

Ireland’s national health service has shut down its IT systems on Friday morning after it was hit by a ransomware attack.

The Health Service Executive (HSE) said the move was precautionary.

“There is a significant ransomware attack on the HSE IT systems. We have taken the precaution of shutting down all our our [sic] IT systems in order to protect them from this attack and to allow us fully assess the situation with our own security partners,” HSE wrote, at the start of a string of tweets.

“We apologise for inconvenience caused to patients and to the public and will give further information as it becomes available,” it added.

HSE said vaccinations and the national ambulance service are not affected.

The tweets came after a maternity hospital announced the cancellation of most visits.

“Due to a serious IT issue all outpatient visits are cancelled today—unless you are at 36 weeks pregnant or later. All gynae clinics are cancelled today,” The Rotunda Hospital said on Twitter.

“If you have any urgent concerns please attend as normal,” it added.

The hospital later said its antenatal parent education classes were to go ahead on Zoom.

“It’s a very sophisticated attack, not just the standard attack. It is impacting all of our national and local systems that would be involved in all of our core services,” HSE Chief Executive Paul Reid told national broadcaster RTÉ.

“The vaccination programme continues thankfully, it’s a separate system.”

Reid said the attack was largely affecting information stored on central servers and not hospital equipment.

Ransomware attacks typically involve the infection of computers with malicious software, often downloaded by clicking on seemingly innocuous links in emails or other website pop-ups. Users are left locked out of their systems, with the demand of a ransom to be paid to restore computer functions.

They differ from a data breach or other types of hacking, which may steal large batches of customer data or other information from companies or individuals.

Last week, Colonial Pipeline, which delivers about 45 percent of the fuel consumed on the United States’ East Coast and is a primary fuel pipeline for North Carolina, halted operations last week after revealing it had been targeted by ransomware, causing North Carolina to declare a state of emergency.

The WannaCry ransomware attack in 2017, launched by North Korea had impacted 300,000 computers in 150 countries.

Reuters and Tom Ozimek contributed to this report.