I woke this morning to the news that Ireland’s health service was hit by ransomware, crippling a vital component of our society in the middle of a global pandemic. The first reported casualty of this evil deed was a maternity hospital. As the day goes on we will find the consequences of this attack will expand to include more hospitals, medical clinics, doctors’ surgeries and particularly worrying the Covid-19 processes (testing and vaccination). Some or all of these will have to go offline. Much will have to move to alternative mechanisms, such as pen and paper!
Undoubtedly any ransom demand will be rebuffed. To accede would simply raise a flag saying “we pay” and invite more attacks. No, this will have to be taken on the chin, even though the cost of repairing the damage could be some orders of magnitude more than any ransom.
The ramifications of this attack could last weeks or months, and the cost could be massive. In the meantime there will be questions about how the criminals got in and how prepared (or not) the health service was to deal with such attacks. There will be a lot of questions about backups, aging equipment and potential data exfiltration.
It’s a bad day.
Categorised as: Security