There has been a 60% spike in attempted cyberattacks on Irish hospitals and healthcare settings, according to cybersecurity firm Smarttech247.
The company said its teams have detected the upsurge over the past eight weeks and is warning of the potential severe threats being posed to patient care and data security.
It is just over two years since the Health Service Executive (HSE) was targeted by a major ransomware attack that caused widespread disruption and saw information held on computer systems illegally accessed and copied.
In May 2021, the HSE announced that it had been the subject of a very significant ransomware cyberattack which was impacting all of its systems involved in the provision of its core services. The HSE reported that some of its servers and workstations had been encrypted with Conti ransomware and that staff were unable to access impacted patient data. In addition, it became aware that other health bodies, including hospitals, were also reporting that their IT systems had been externally encrypted and that the Department of Health had reported suspicious activity on its systems. Conti is a human operated ransomware. In addition to stealing data, the attackers threatened to expose the data as well as encrypting it. The HSE estimated the need to contact 90,000 people that may have been targeted as part of the attack. No ransom was paid.
The HSE has previously said that the immediate costs associated with the cyberattack could be around €100m but that long-term costs could rise to €500m.
In September last year, a report from Ireland’s spending watchdog, the Comptroller and Auditor General (C&AG) outlined that the HSE will need to spend almost €657m over seven years to implement cyber security improvements following the breach.
CEO of Smarttech247 Raluca Saceanu said advances in IT can create more headaches for security within organisations.
“Cybercriminals are taking advantage of the increasing reliance on technology within the healthcare sector, exploiting vulnerabilities to gain unauthorised access, disrupt operations, and compromise patient data,” Ms Saceanu said.