Ransomware attack to cost Irish health system over $120 million

Posted by: promeromdr Comments: 0

May 29, 2021

HSE CEO PAUL Reid has said it will likely cost over €100 million to deal with the fallout of the cyber attack on Ireland’s health service.

Speaking at the HSE’s weekly Covid-19 briefing, Reid said it will cost “tens of millions” to undo the damage. He said €100 million is an early estimate but this figure is likely to increase.

“In terms of the network restoration, the IT costs and resource costs and extra costs by upgrading elements of our network and laptops … I said at the outset [that the cost of this] will be in the tens of millions and there is no doubt that €100 million will be the smaller figure in terms of the total cost of this.”

Reid said the HSE is keen to have an independent investigation further down the line into how the cyber attack happened and how it was handled.

“We are certainly keen to have an independent and objective assessment of the incident. I am certainly very open to an independent assessment, and that’s what our board are currently finalizing.”

Reid said the cyber attack has brought “unimaginable strain, duress and extreme high risk” to the country’s health system. He said it was “beyond contempt” and described those responsible as people “who operate without a basic level of morality”.

Also speaking at the briefing, Chief Operations Officer Anne O’Connor said trojan work is continuing in a bid to get more services back online.

About 14,000 of 80,000 HSE devices such as laptops have been plugged back in so a “cleaning process” can be carried out, O’Connor said.

Email issues

O’Connor said that staff in various services are “really struggling” without the use of email. She said email is integral to the running of many services and getting it back up and running is an “absolute priority”.

The email system has been “hugely compromised”, she noted, but the HSE expects to get some access later today.

“Email sounds very benign, when you look at the other very high tech systems, but actually it’s hugely important for us and we are really struggling without it. And that’s not the kinds of emails about setting up meetings, this is email between multidisciplinary team members.”

O’Connor said the issue is particularly impacting community services such as mental health teams and disability teams who rely on email to share their assessment of patients’ needs across multidisciplinary teams.

She said that, as of lunchtime yesterday, up to 14,000 of about 80,000 devices such as laptops were able to be plugged in to undergo “a cleaning process” – “the first step” in a longer security process.