Decryption tool tested after hack of Irish health service

·4-min read

The Irish Government has said a decryption tool has been made available following a ransomware hack of the health service IT system.

In a statement, the Government said the tool is being tested, and also insisted that it has not paid a ransom following the hack which has had a “grave” impact on healthcare services.

“A detailed technical process to ensure the integrity of this decryption tool is being carried out by the NCSC and private contractors,” the Government said in a statement on Thursday evening.

“This is to ensure that this tool would support restoration of our systems rather than cause further harm.

“While this is, of course, an encouraging development the detailed programme of work to repair and restore the IT systems still needs to be carried out. The teams of people engaged in this important work will continue to carry it out.

“Every effort is being made to restore important aspects of the HSE’s IT infrastructure as soon as possible and the focus remains very firmly on restoring medical services for the many thousands of patients in need of them.”

The Government said it has not paid and will not pay a ransom following the hack which was first detected last Friday.

“This has been the firm position of the Government from the outset and it will continue to maintain that position,” it said.

“An Garda Siochana, working actively with their international policing and security partners, continue to pursue every avenue available in investigating those responsible for this crime.”

Earlier the head of Ireland’s health service described the “catastrophic” impact of a “stomach-churning” hack of its IT systems.

The number of appointments in some areas of the system has dropped by 80% as health workers grapple with paper records while work continues to recover IT systems.

HSE chief executive Paul Reid criticised the ransomware attack as a “callous act” and an attack on health workers who have been working “relentlessly” through the coronavirus pandemic.

He said the “catastrophic impact” of the hack on the health service emerged in the early hours of last Friday.

“I really do believe this is quite a stomach-churning criminal act,” he said.

To view this content, you'll need to update your privacy settings.
Please click here to do so.

“To launch an attack of such a massive scale on sick and vulnerable people in this country in the midst of a global pandemic is quite an extraordinary thing to do.

“There is no doubt it is a vicious and a callous act and will be condemned everywhere by decent people.

“It is also specifically an attack on healthcare workers having worked relentlessly for 15 months, making many personal sacrifices and taking many personal risks and providing care for people most impacted by Covid-19… coming after three of the most challenging months in the history of the health system in Ireland.”

He told an HSE media briefing on Thursday afternoon that the response has been “comprehensive” since last Friday and will “continue to be relentless”.

However he said work to undo the damage will continue into the coming weeks.

“We are now in the assessment phase where we’re assessing all across the network… to understand the impacts across the network,” he said.

Mr Reid said there are 2,000 systems used by the health service and more than 4,500 servers.

“This is in essence the rebuilding of a legacy network of 30 years,” he said.

The briefing heard the impact on services included a reduction by 70%-80% in outpatient appointments each day.

Hackers have reportedly threatened to release patient data on Monday if a ransom is not paid.

Taoiseach Micheal Martin previously ruled out the paying of any ransom.

Mr Reid told Thursday’s briefing that it is not unusual and not unexpected that there is a threat to publish.

He urged members of the public to report any suspicious activity to the Garda.

Our goal is to create a safe and engaging place for users to connect over interests and passions. In order to improve our community experience, we are temporarily suspending article commenting