| 13.9°C Dublin

No ransom demand yet after Coombe Hospital target of cyber attack


The Coombe Women and Infants University Hospital in Dublin. Picture: Colin Keegan

The Coombe Women and Infants University Hospital in Dublin. Picture: Colin Keegan

The Coombe Women and Infants University Hospital in Dublin. Picture: Colin Keegan

A ransom demand has yet to be received by the Dublin maternity hospital that was the target of a cyber attack on Wednesday, it was claimed yesterday.

The Coombe Women and Infants University Hospital said the attack happened overnight but it was continuing with its services.

Minister of State Ossian Smyth said it had all the hallmarks of a ransomware attack in that it involved encryption of services.

“There hasn’t been any note. In the previous attack on the HSE there was a ransomware note on every machine that was compromised,” he said.

“That hasn’t been the case here. It is not clear whether it is a human-operated ransomware attack or if it was a self-replicating attack, which is much less serious.”

The attack is nevertheless a serious one, and the National Cyber Security Centre and the Garda National Crime Bureau were called in.

“We don’t know if there has been any data breach so far – whether there are any data protection issues involved. That’s all being assessed,” Mr Smyth said.

Earlier yesterday, the hospital said: “We wish to reassure all of those accessing our services that these services are continuing as normal.

“We have locked down all our IT systems on a precautionary basis and are working closely with the HSE to resolve this matter.”

The HSE was the victim of a major cyber attack last May after Russian criminals managed to enter its system. They brought the health service to its knees as much of its IT system was paralysed for weeks.

An HSE spokesperson said the Coombe attack impacted several systems in the hospital. Tech teams have disconnected the facility from the National Health Network.

The attack was discovered by the IT team at the Coombe.

Daily Digest Newsletter

Get ahead of the day with the morning headlines at 7.30am and Fionnán Sheahan's exclusive take on the day's news every afternoon, with our free daily newsletter.

This field is required

A report on the HSE cyber attack last May said it failed to respond to several alerts about malicious activity in its computer system .

The ransomware attack left computer systems across most of the health service disabled for weeks and led to mass cancellations of patient procedures, including vital surgeries and scans.

An HSE-commissioned report revealed the hackers entered the system as long ago as March 18.

They infected the system with malware after someone opened a maliciously constructed Microsoft Excel file that had been attached to a phishing email sent to the user two days previously.

The criminals managed to gain unauthorised access to the HSE’s IT environment and continued to operate in it for the next eight weeks, compromising and abusing a significant number of accounts with high levels of privileges .

The report found “there were several detections of the attacker’s activity prior to May 14, but these did not result in a cyber security incident and investigation initiated by the HSE”.

“As a result, opportunities to prevent the successful detonation of the ransonware were missed,” it added.

The HSE said it is now monitoring its system 24/7, using external expertise to detect suspicious activity.

Most Watched