DUBLIN, IRELAND - Ireland's health service operator shut down all its IT systems Friday to protect them from a ransomware attack, which crippled diagnostic services and disrupted COVID-19 testing.
An international cybercrime gang was behind the attack, said Ossian Smyth, Ireland's minister responsible for e-government. Smyth described it as possibly the most significant cybercrime attempt against the Irish state.
Ireland's COVID-19 vaccination program was not directly affected, but the attack was affecting IT systems serving all other local and national health provisions, the head of the Health Service Executive (HSE) said.
Ransomware attacks typically involve the infection of computers with malicious software, often downloaded by clicking on seemingly innocuous links in emails or other website pop-ups. Users are left locked out of their systems, with the demand that a ransom be paid to restore computer functions.
"We are very clear we will not be paying any ransom," Prime Minister Micheál Martin told reporters.
The HSE's chief described the attack as "very sophisticated." Officials said the gang exploited a previously unknown vulnerability. Authorities shut down the system as a precaution after discovering the attack early Friday morning and will seek to gradually reopen the network, although that will take "some days," Martin said.
The attack was largely affecting information stored on central servers, and officials said they were not aware that any patient data had been compromised. Hospital equipment was not impacted, with the exception of radiography services.
"More services are working than not today," HSE Chief Operations Officer Anne O'Connor told national broadcaster RTE.
"However, if this continues to Monday, we will be in a very serious situation and will be canceling many services. At this moment, we can't access lists of people scheduled for appointments on Monday so we don't even know who to cancel."