Coombe Women and Infants University Hospital in Dublin was disconnected from the HSE’s National Health Network on Thursday following a cyberattack on its IT systems.
HSE chief executive Paul Reid said the overnight attack appeared to have been contained in the Coombe and there did not appear to be ‘further contamination across the wider healthcare network’ .
The attack affected multiple systems at the Coombe, but hospital management said they wanted to “reassure everyone who accesses our services that these services are continuing as normal.”
“We have locked down all of our IT systems as a precaution and are working closely with the HSE to resolve this issue,” he said in a statement.
However, Mr Reid told an HSE press conference that most services in Coombe continued unhindered on Thursday, but radiology and some patient management systems were affected as they were connected to the national grid.
The latest attack comes just days after the publication of a report on the ransomware attack that crippled the HSE earlier this year, compiled by PwC.
He discovered that opening a malicious Microsoft Excel file attached to a phishing email led to the cyberattack. The case was opened on an HSE workstation on March 18, with the email sent to ‘patient zero workstation’ two days earlier.
The ransomware was deployed on May 14 and officials demanded money from the HSE to stop them from posting patient information online, which the organization says was not paid for.
Mr Reid said the attack – on a single volunteer hospital rather than the HSE itself – was considered a “moderate risk” when identified on Wednesday.
The HSE, he said, had a “fragile” network that was vulnerable to attack but had measures in place to try to prevent attacks, including multiple authentication checks and training. to spot phishing emails and attachments through which attacks could be mounted.
“We’re trying to mitigate, but we know the networks are vulnerable and we have a fragile, unintegrated network that’s exposed,” he said.
Mr Reid said a high proportion of organizations that fall victim to a cyberattack are “re-affected”.
Crumlin Children’s Hospital in Dublin said it had restricted external email and internet access as a precaution, but hospital systems were working. There was no indication that the hospital had been hit by the same attack as the Coombe.
Security consultant Brian Honan said PwC’s report highlighted significant gaps in IT and cybersecurity infrastructure within the HSE.
“Until these issues are properly addressed within the HSE and individual hospitals, there is an ongoing risk that attacks such as the one on the Coombe Maternity Hospital could occur,” he said.
“Unfortunately, the criminals behind these attacks do not care who they hurt or the damage they cause. This makes it all the more important that all victims of these crimes report and work with An Garda Síochána and others. law enforcement agencies, so that these criminals can be brought to justice.