Conti ransomware attacks aimed at Ireland’s Department of Health caused a shutdown of a number of networks and services.
Last week, Conti gang attempted to encrypt systems of the Ireland’s Department of Health and demanded a ransom from the institution in exchange for providing a decryption key. According to officials, this attack managed to cause disruption in the health networks that will cost tens of millions to repair.
A number of systems and services are out of access several days after the incident while hundreds of professionals are working tirelessly to get them up and running. An update to the attack revealed that the Conti gang has demanded a ransom of $20 million from the Irish Health Service Executive, which the public institution has refused to pay.
Fortunately, the country’s COVID-19 vaccination program remained safe from the ransomware attack, according to a report published by the Irish National Cyber Security Centre (NCSC) on Sunday. The program is stored on a different IT system along with details on coronavirus testing and tracing or emergency health services, the publication states. Emergency departments and the National Ambulance Service are also running without disturbance.
The most affected are the systems related to specific health services and appointments for patients which resulted in many hospitals having to cancel health procedures and planned appointments. Presently, until all systems are set back in place, non-emergency procedures are being re-scheduled.
Investigators of the incident reveal that they have detected “a human-operated Conti ransomware attack” last Tuesday, that necessitated the shutdown of a number of HSE systems. Fortunately, the ransomware was quickly detected and suspended with the help of anti-virus software and the deployment of security tools during the investigation phase itself.
However, sources report that Conti ransomware gang claims to have had access to the HSE systems for a period of two weeks before the attack was detected. During that time, the criminals claim to have managed to steal nearly 700 gigabytes of unprotected data from the HSE, including patient and employee details, contracts, financial information and other sensitive data.
Similar to the DarkSide gang that recently entered the news headlines with its attacks on Colonial Pipeline and Toshiba, the Conti gang is yet another group of criminals that is targeting high-profile institutions and organizations worldwide.