Further cyber attack carried out on the Department of Health 1 month ago

Further cyber attack carried out on the Department of Health

The HSE faced a similar cyber attack earlier this week.

A further cyber attack has been carried out on the Department of Health after a ransomware attack on the Health Service Executive (HSE) earlier this week.


The Department has shut down its systems and is working to safely restore its data amid the attack.

The Department has been "working to respond" to the incident since Thursday.

A digital note from the cybercrime group believed to be responsible has been left on the Department's IT systems, RTE News reported on Sunday.

The note is believed to be similar to the one discovered amid the HSE hack earlier this week.

The Department of Health confirmed that The National Cyber Security Centre, along with the gardaí and the Defence Forces, is currently investigating the attacks.

They said in a statement on Sunday: "The Department of Health can confirm that late last week it was subject to a ransomware attack similar to the attack on the HSE. Since Thursday we have been working to respond to this incident.

"We continue to work closely with all relevant authorities, including the National Cyber Security Centre, An Garda Siochana and the HSE. We continue to assess the impact across all our systems and our focus is on protecting our data."


The Department is also working with Europol to investigate the attack which is believed to be criminal.

It comes as thousands of medical appointments have been cancelled due to the cyber attack throughout the week.

Earlier in the week, CEO Paul Reid said that the HSE does not have an indication yet in terms of what patient data has been accessed and confirmed health services across the country will be impacted into next week.

The HSE CEO also echoed Taoiseach Micheál Martin's comments that a ransom has been sought, but will not be paid.

According to Reid, the HSE made "steady and safe progress" overnight in assessing the damage of Friday's cyber attack and working to regain control of its IT system.


Early on Friday, the HSE announced it had temporarily shut down its IT system after it was targeted in a "significant ransomware attack".

Described as possibly the most significant cybercrime attack on the Irish state by Minister of State for eGovernment Ossian Smyth, it has caused major disruptions to health services across the country.

Speaking on RTÉ's Saturday with Katie Hannon, Reid explained: "Teams have been working throughout the night... The best way to describe it is they've made steady and safe progress overnight."

The CEO said this involved re-gaining access "to the base layer" of the HSE's network, identifying the nature of the attack and looking into what systems could be brought back in a safe manner.


Reid stated that the cyber attack was "most likely" carried out by an international criminal organisation and echoed Taoiseach Micheál Martin's comments on Friday night that a ransom will not be paid to the perpetrators.

He said: "No State wants to leave its national infrastructure exposed to ransoms and that's exactly what these organisations set out to do."

The HSE has told staff members to protect "unscheduled and urgent care” and "time-critical" treatment as they continue to deal with the fallout from a recent cyber attack.

In a memo relating to clinical guidance, attributed to the office of Chief Clinical Officer Dr Colm Henry, they said that the advice is “underpinned by the need to prioritise patient safety and is focussed on unscheduled, urgent and time-critical care”.


"However, it is critical that this is monitored on a daily basis at service level to enable those services that can deliver scheduled care to do so," he added.

“Additionally, while the duration of the attack and time to recovery is currently unknown, it is important to remain mindful of the scheduled care that could become urgent care or result in an adverse outcome e.g. non-continuation of certain types of radiotherapy, if it does not proceed.”