Ireland

May 14, 2021: Ransomware Attack Causes Wide Spread Disruption in Ireland’s Healthcare Service

Ireland’s health service shut down its IT system after experiencing a “significant ransomware attack”. The incident has affected more than 80% of IT infrastructure, with the loss of key patient information and diagnostics, resulting in severe impacts on the health service and the provision of care. All computer systems were switched off. Doctors, nurses and other workers lost access to systems for patient information, clinical care and laboratories. Emails went down, and staff had to turn to pen and paper.Lab test data had to be handwritten and manually entered - leading to greater risks of mistakes. Thousands of people's healthcare was disrupted. Confidential medical files were also stolen, with hackers threatening to release the data. A response was quickly mobilised internally, and the Irish Defence Forces were called in to help.

HSE commissioned PWC for independent report on the cyber attack: On 18 March, someone in the Irish Health Service Executive (HSE) opened a spreadsheet that had been sent to them by email two days earlier. But the file was compromised with malware. The criminal gang behind the email spent the next two months working their way through the networks. There were multiple warning signs that they were at work, but no investigation was launched, and that meant a crucial opportunity to intervene was missed, according to the report, and on May 14 the ransomware was released. Senior staff set up a "war room", but the report criticises the lack of preparation or contingency planning for such a loss of systems. "The response teams could not initially focus on the highest priority response and recovery tasks due to the lack of preparedness for a widespread disruptive IT event," it says.

The attackers demanded payment to restore access to the computer systems, Then on 20 May, the attackers, for reasons not entirely clear - but perhaps realizing the scale of what was happening - posted a link to a key that would decrypt files. This allowed a long recovery to begin, and it took the service four months to fully recover.

May 17, 2021: EU Packaging Maker, Ardagh Group Hit By Cyberattack

European glass and metal packaging manufacturer Ardagh Group shut down some of its systems as a precautionary measure after the company suffered from a cyberattack, officials said Monday.
In an effort to deal with the attack, the Dublin-Ireland-based company said it initiated defense and containment procedures, and was working with external security experts to deal with the incident.
Supply chain operations have been affected, and alternative solutions, including manual workarounds, have been implemented. While products have continued to be shipped to customers, shipping delays were reported

“We are progressively bringing key systems back online securely, in a phased manner. This is proceeding according to plan and is expected to be substantially achieved by the end of this month,” Ardagh said in a statement.

January 1, 2008: SCADA System Collapse Leads to Tunnel Closure

WIZARD SPIDER is a sophisticated eCrime group that has been operating the Ryuk ransomware since August 2018, targeting large organizations for a high-ransom return. This methodology, known as “big game hunting,” signals a shift in operations for WIZARD SPIDER. This actor is a Russia-based criminal group known for the operation of the TrickBot banking malware that had focused primarily on wire fraud in the past.

January 1, 2008: SCADA System Failure Causes Shut down of Dublin Port Tunnel

WIZARD SPIDER is a sophisticated eCrime group that has been operating the Ryuk ransomware since August 2018, targeting large organizations for a high-ransom return. This methodology, known as “big game hunting,” signals a shift in operations for WIZARD SPIDER. This actor is a Russia-based criminal group known for the operation of the TrickBot banking malware that had focused primarily on wire fraud in the past.

Pin It on Pinterest

Scroll to Top