Digital Desk Staff, additional reporting by Vivienne Clarke
The former chief information officer of the HSE, Richard Corbridge, who led the health service’s response to the last cyberattack in 2017, has said there is “a real and present risk” patients’ data could be released.
Mr Corbridge told RTÉ radio’s Morning Ireland the attack might not have been specifically targeted at the HSE, and it could have been part of a wider probe of health systems across Europe to see where vulnerabilities lay.
In 2017, when the Wannacry ransomware attack occurred, the HSE had been warned by the NHS who had sent “a bat signal” of a cyberthreat, he said.
When asked if the Department of Health would have alerted the HSE when its system was attacked first last Thursday, Mr Corbridge said he would hope that was the case. He also pointed out that given the timing it would have been very difficult for the HSE’s IT team to protect the 85,000 entry points.
It was not necessarily the case that the HSE’s IT system was operating with a weakness, he added, as this situation had not been prepared for. It was a 'zero-day' attack, meaning there was no known previous experience of it.
This was a challenge not just faced by the HSE, but by health systems everywhere trying to keep simple IT systems up to date while operating high tech diagnostic equipment, Mr Corbridge said.
The HSE had a great IT team who were trying to keep up to date “and that is really challenging”, Mr Corbridge added, and they needed to be able to respond with agility and speed, utilising skills and leadership.
Mr Corbridge said he did not know how much detailed data had been taken as part of the attack, but it was now in the hands of the attackers and there was a real and present risk the data of patients would be “exposed.”
Cabinet meeting
Cabinet is due to meet today, during which all Ministers will be briefed in relation the cyberattack and its ongoing impact.
The Irish Times reports there are fears within the Government that patient data may be "abused" by the people responsible for the attack, however, no ransom will be paid in line with State policy.
Cybersecurity experts are now monitoring the dark web for data harvested during the attack on the HSE as it is thought the group responsible may either sell the data, or publish it online if they do not receive the ransom payment.
On Monday, Taoiseach Micheál Martin, Tánaiste Leo Varadkar, Minister for Transport Eamon Ryan, Minister for Health Stephen Donnelly, Minister for Justice Heather Humphreys and HSE chief executive Paul Reid were briefed by the National Cyber Security Centre (NCSC) on the matter ahead of the full meeting of Cabinet today.
Work is ongoing to put the HSE's IT systems back online after they were shut down on Friday as a precautionary measure, however, no disruptions are expected for payroll services.
Other matters due for discussion at today's Cabinet meeting include a proposal to block investment funds from buying large stocks of residential properties, while changes to restrictions surrounding international travel will also be debated.