icon bookmark-bicon bookmarkicon cameraicon checkicon chevron downicon chevron lefticon chevron righticon chevron upicon closeicon v-compressicon downloadicon editicon v-expandicon fbicon fileicon filtericon flag ruicon full chevron downicon full chevron lefticon full chevron righticon full chevron upicon gpicon insicon mailicon moveicon-musicicon mutedicon nomutedicon okicon v-pauseicon v-playicon searchicon shareicon sign inicon sign upicon stepbackicon stepforicon swipe downicon tagicon tagsicon tgicon trashicon twicon vkicon yticon wticon fm
20 May, 2021 21:37

Hackers provide decryption tool to unlock IT systems of Irish health services after ransomware cyberattack

Hackers provide decryption tool to unlock IT systems of Irish health services after ransomware cyberattack

A ransomware group which locked Ireland’s Health Service Executive (HSE) out of its IT systems a week ago has shared a decryption tool that could allow restoration of operations, the Irish government has announced.

The move by the hackers was “an encouraging development,” the government said in a statement on Thursday.

The country’s National Cyber Security Centre as well as private contractors were examining the decryption tool to make sure it “would support restoration of our systems and rather than cause further harm,” the statement added.

“Every effort is being made to restore important aspects of the HSE’s IT infrastructure as soon as possible and the focus remains very firmly on restoring medical services for the many thousands of patients in need of them,” it said.

Also on rt.com Hacker attack shuts down IT system of Ireland’s health services, badly affecting one of Europe’s busiest maternity hospitals

The statement also stressed that the Irish government “has not paid a ransom and will not pay a ransom in respect of this crime.”

Following last Friday’s hack, which forced the HSE to shut down all its IT systems, an international hacking gang reportedly demanded $20 million from the Irish authorities. And, despite releasing the decryption tool, the perpetrators are still pushing for the ransom to be paid – a typical tactic for such tech crimes.

According to the Irish Times, the group threatened to start publishing and selling the information it stole from the HSE systems, including personal patient data, on the darknet from Monday if they haven't received payment by then.

A day earlier, the Financial Times reported seeing files and screenshots which indicated that some HSE patient information had been shared online following the hacking.

Also on rt.com Colonial Pipeline CEO confirms paying $4.4 million ransom to hackers, says he did it for America

Irish investigators have been “working actively” together with foreign security agencies to track down those responsible for the cyberattack, the government said.

Earlier on Thursday, the Irish High Court granted the HSE injunctions against the sharing, processing, selling or publishing of any data stolen from its systems in the hack. The court orders, granted against “persons unknown,” may not deter the hackers, but Justice Kevin Cross said the move could minimize the potential damage by effectively putting legitimate information service providers, such as Google, on notice concerning the illegal publication or sharing of the stolen data.

The hack has led to cancellations of key health services in many hospitals across Ireland, including radiotherapy appointments, cardiac checks, X-rays and CT scans, and delayed the processing of non-emergency blood tests. One of the worst-affected institutions was Dublin's Rotunda Hospital, the oldest continuously operating maternity hospital in the world and one of the busiest in Europe.

Earlier this week, Irish Health Minister Stephen Donnelly warned that rebuilding the HSE’s IT systems could require weeks of work and tens of millions of euros.

Like this story? Share it with a friend!