HSE Ransomware Attack Highlights The Need for Cyber Security Awareness Training

May 14, 2021 | Cybersecurity | 0 comments

The Health Service Executive (HSE) announced on Friday that it has been forced to immediately shut down all of its IT systems after a major cyber attack described as “possibly the most significant cyber crime attack on the Irish State”.

The HSE became aware of the attack overnight and its CEO Paul Reid has described the attack as a “significant” and “sophisticated” ransomware attack.

What is a Ransomware Attack?

A Ransomware attack involves the theft or encryption of the victims data, and a demand for money for its safe return or decryption.

HSE Chief Operations Officer Anne O’Connor has described this particular attack as a “zero-day threat with a brand new variant of the Conti ransomware” and the Minister of State for Public Procurement and eGovernment Ossian Smyth has described it as an international attack.

What data has been affected?

The HSE has come out to say it is not aware of any personal information that has been compromised.

The ransomware attack has seemingly focused on accessing data stored on the HSE’s central servers and has reportedly impacted all national and local systems, which are involved in all core services.

Patients to expect disruption and delays

Hospitals across the country are still reeling from the attack, reporting loss of access to their electronic systems and records and having to revert to paper-based systems.

Some hospitals have warned patients to expect significant disruption and delays with Tánaiste Leo Varadkar suggesting that the problems could run into next week.

Dublin’s Rotunda Hospital has been forced to cancel most outpatients visits today, the National Maternity Hospital has reported “significant disruption” to its services and St. Luke’s hospital has cancelled all radiation oncology.

The impact on Covid testing

Leo Varadkar has also announced that the Covid testing programme has been affected by the shut down as the GP and close contact testing referrals system is down and the HSE says that results of tests may take longer to be provided.

Who is responsible?

It has emerged that the group known as ‘Wizard Spider’ is responsible for the attack. The Russian-based group is an organised cyber crime group that is known to international law enforcement agencies as one of the most sophisticated and technically proficient cyber crime gangs in the world.

It is estimated that the group consists of approximately 80 employees that includes skilled computer programmers and hackers and it has been a target of international law enforcement agencies for years.

Cyber Security Awareness Training - Calnet IT Solutions

How to protect against Ransomware attacks

While this is a serious attack and has seemingly devastated HSE operations it will not come as a surprise to many who are only too aware of the constant and rising threat of ransomware. As Minister Smyth put it, this is “the one that got through” and there is a “constant bombardment” of attacks on State data.

A recent survey showed a 600% rise in cyber attacks, with over 46% of global businesses having reported at least one cyber-attack since the shift to remote working.

Cyber Security Awareness Training

The fact that this attack has been reported as a “human-led” attack means it underpins the absolute necessity for Cyber Security Awareness Training training across all organisations and businesses.

In 2020, 95% of all security breaches were caused by human error making it clear that firewalls and antivirus are no longer enough to protect against these types of attacks.

In light of this attack it has never been more apparent that ongoing training for employees at every level of an organisation is now required to combat the level of sophistication these attacks have reached.

Business Backup And Recovery - Calnet IT Solutions

Backup and Disaster Recovery

With the governments official position stating that it will not pay a ransom to the criminal gang, the HSE will be relying on their data backups and their disaster recovery strategy to get all of their systems back online and operational.

While it was initially thought that it would take days to get their systems back online, the HSE has now warned it will take weeks to fully repair the damage caused.

For many companies without an adequate backup and disaster recovery strategy in place, not paying is simply not an option. And even for those that do have strategies in place, weeks worth of downtime can be enough for them to go under for good.

If it wasn’t crystal clear to every business owner before now just how important it is to have a good backup and recovery strategy in place, it certainly is now.

If you would like to enquire about Cyber Security Awareness Training or Backup and Disaster Recovery Services for your organisation please contact our team at or call us on +353 (0)1 818 3272.

Recent Articles

Was Your Company Data Exposed In The COMB Data Breach?

Was Your Company Data Exposed In The COMB Data Breach?

In February of 2021, a database containing billions of emails and passwords was posted to the dark web in what is being called the biggest breach of all time. Now referred to as the Compilation of Many Breaches (COMB), this particular breach contains more than 3.2...

The SonicWall Cyber Security Threat Report 2021

The SonicWall Cyber Security Threat Report 2021

2020 forced many organisations to completely change the way they work almost overnight. While remote working had been growing in popularity over the years, with companies looking to pluck from a wider talent pool, the COVID-19 pandemic greatly accelerated the shift to...

Is Your Business Ready for a Hybrid Workplace?

Is Your Business Ready for a Hybrid Workplace?

As the idea of returning to ‘normal’ seems like a real possibility at last, it’s time to take stock and think about what that means for your business. Now that most people have had a taste of the freedom and flexibility of remote working, they’re unlikely to be in any...





Customer Retention