Monday 22 July 2019

Ransomware threat to the HSE 'not over' warns chief, with doctors facing delays

HSE chief Tony O’Brien. Photo: Tom Burke
HSE chief Tony O’Brien. Photo: Tom Burke

Ryan Nugent and Eilish O'Regan

The ransomware threat to the health service "is not over" according to HSE chief, Tony O'Brien, who has called for "maximum vigilance" from staff this week.

Despite concerted efforts by IT experts to fight the threat over the weekend, Mr O'Brien has admitted he still has concerns.

The HSE boss posted directives for staff online along with a stark warning of the potential dangers: "The cyber threat is not over. Maximum vigilance needed in days ahead."

Patients attending their GP surgeries may experience some delays this morning as health officials attempt to safeguard their computers against the potential of a cyber attack.

Doctors have been warned not to open their practice computers this morning until they are certain their anti-virus security systems are up to date.

The warning was issued by Dr Brian O' Mahony, the project manager of the GPIT Group with the Irish College of General Practitioners, which held its annual meeting in Wexford over the weekend.

Dr O'Mahony, who is an expert in health informatics, said: "Every GP needs to ensure that their IT systems are up to date, as this is a relatively new virus, which can infect their IT systems via email.

"I strongly advise doctors not to open their emails on Monday until they are certain their computers have the security patches made available by Windows last March. If those patches have not been uploaded, their systems are vulnerable."

Dr O'Mahony added: "Anyone with a Windows XP computer should not turn it on, as these older computers are not supported by the new security patches."

He said it should take no more than 20 minutes to download the anti-virus protections.

A spokesperson for the Department of Communications said the attack was "unprecedented".

The spokesperson added: "The major cyber attack that occurred globally in recent days is unprecedented in terms of scale and speed of onset.

"Whereas ransomware attacks via malicious email attachment have become commonplace, this newly discovered malware type, generally referred to as WannaCry2, is both "cryptor" and "worm" - it possesses the ability to replicate functional copies of itself to other networked hosts without the need for users to click on links or otherwise interact. As such, it can spread very rapidly from machine to machine."

A social media campaign has told healthcare staff they can turn on their computer this morning, but they should not log on.

The campaign, led by eHealth Ireland, has issued a number of steps to be taken by staff when they arrive to work.

It says that emails have been disabled on all machines.

Meanwhile, Health Minister Simon Harris said the protocols in place are "really important" in order to "prevent a cyber attack damaging the Irish health service".

A GP's computer holds vital records about their patient and while most would have modern technology, some would still have a Windows XP computer.

The ransomware virus primarily targets computers and laptops that are still operating on Windows XP.

It was launched in 2001 but in 2014 Microsoft stopped supporting the operating system.

It stopped releasing further upgrades for XP, so it is more prey to hacking.

GPs could face a substantial bill to replace a computer with Windows XP. This comes at a time when several GP practices are under financial pressure.

The GPs use an internal electronic system to refer patients to hospital and transfer information such as test results. Once their computer is safe, they can go ahead with and use this internal electronic system, which is completely safe from this virus attack.

Dublin Information Sec 2017, Ireland’s cyber security conference, addresses the critically important issues that threaten businesses in the information age. Tickets for the event at the RDS in Dublin can be booked here.

Irish Independent

Editor's Choice

Also in Irish News