Ireland’s health system was still struggling to restore its computers and treat patients on Tuesday, four days after it shut down its entire IT system in response to a cyberattack.
Thousands of diagnostic appointments, cancer treatment clinics and surgeries have been canceled or delayed since a ransomware attack on Friday. Authorities said hundreds of people have been deployed to tackle the attack, but it could be weeks before the health service can return to normal.
Irish Prime Minister Micheal Martin said Tuesday that the attack was a “heinous” one that targeted patients and “the Irish public.” Health Service Executive chief clinical officer Colm Henry said the attack had had “a profound impact on our ability to deliver care,” and that the disruptions would undoubtedly “mount in the coming days and weeks.”
More than 2,000 patient-facing IT systems are affected, with around 80,000 devices linked to such systems throughout the health service, Henry told Irish broadcaster RTE. Authorities are prioritizing systems involving direct patient care diagnostics, such as radiology, radiotherapy and maternity and newborn services.
“That’s what our experts are focusing on this week, with external help, to ensure those services are not reliant on manual exchange of information,” he said.
Ransomware attacks are typically carried out by criminal hackers who scramble data, paralyzing victims’ networks, and demand a large payment to decrypt it. Irish officials say a ransom has been demanded but they will not pay it.
Conti, a Russian-speaking ransomware group, was demanding $20 million, according to the ransom negotiation page on its darknet site viewed by The Associated Press. The gang threatened Monday to “start publishing and selling your private information very soon” if the money was not paid.
“The government will not be paying any money,” Justice Minister Heather Humphreys told RTE. “We will not be blackmailed.”
The Irish Association for Emergency Medicine urged people not to turn up at hospitals’ emergency departments unless they have a genuinely urgent need to do so. It said that electronic ordering of blood tests, X-rays and scans is not available, and clinicians have no access to previous X-rays or scan results. Many hospitals’ telephone systems are also not functioning because they are carried on computer networks, it added.
Patients have told RTE Radio of frustration over halted radiation treatments for cancer, and despair that long-awaited cardiology appointments have been canceled until further notice. Lucy Moran, whose 12-year-old son has Down Syndrome, told the radio station that they missed an appointment because of confusion over what services have been affected.
“The waiting lists are horrendous … I don’t know when we’ll be seen,” she said.
The Health Service Executive said in a statement late Monday that there were “serious concerns about the implications for patient care arising from the very limited access to diagnostics, lab services and historical patient records.”
The attack has also shut down the system used to pay health care workers.
The health service said it was working methodically to assess and restore its computer systems.
“Our priority is keeping our patients safe and maintaining essential care and support services,” it said.
Ransomware attacks are an increasing problem for private companies and public bodies around the world.
The Thai affiliate of Paris-based insurance company AXA and a public health provider in New Zealand were both dealing with ransomware attacks on Tuesday.
In the US, the nation’s largest fuel pipeline was hit with a ransomware attack earlier this month. The disruption of the Colonial Pipeline caused long lines at gas stations due to distribution problems and panic-buying, draining supplies at thousands of gas stations.