The recovery costs of the ransomware attack on the Health Service Executive (HSE) threaten to spiral out of control. So far, ‘more than €100 million’ has already been allocated to repair the IT systems of the Irish health service. According to Senator Martin Conway, the bill could easily rise to more than half a billion euros.
Recovery operation bill is hundreds of millions of euros higher
Paul Reid, chairman of the Oireachtas health committee, says he can say “not with certainty” that the worst of the cyberattack is behind him. He fears that it will take months before all computer systems of the HSE are restored. Reid says that more than 100 million euros has already been allocated for the repair operation.
Senator Marin Conway (Fine Gael) estimates that the total costs will be more than half a billion euros. Reid thinks this is a fair guess. According to him, it is necessary to make major investments in IT systems and infrastructure to prevent a recurrence in the future. For example, a large number of computers have to be replaced. In addition, core systems must be upgraded for better information security.
‘Investing in security and protection of data’
“There is a need to invest in data security and protection, and we will learn many lessons from this in reports that we can expect,” said Reid. He acknowledges that the HSE used ‘a really old network’ for its services. Initially, so before the cyber attack, the health service wanted to invest 82 million euros in malware protection. That amount will most likely be many times higher.
The chairman of the health committee says there are no indications that privacy-sensitive patient data has been viewed by attackers. At the same time, he emphasizes that the worst may not be over yet. Reid is more positive towards the Irish Times. He tells that medium that three-quarters of the HSE servers have been decrypted and seventy per cent of the workstations are operational again.
Thousands of systems need to be repaired
In mid-May, hackers carried out a ransomware attack on Ireland’s national health service. By installing ransomware, the attackers, allegedly members of the Conti Group, managed to steal 700 GB of patient data. In addition, regular care for patients suffered an enormous delay. This was because ‘critical IT systems’ had been taken offline.
The hackers allegedly demanded $20 million not to disclose the stolen information. Irish Prime Minister Micheál Martin said he has no intention of paying the ransom. The HSE went to the Supreme Court for a court order to prevent the disclosure of the stolen data.
The Prime Minister described the attack as “highly advanced” and said it would take “several days” to restore all computer systems. His colleague, Health Minister Stephen Donnelly, contradicted him, saying the repairs would likely take “several weeks“. That also does not seem to be a realistic estimate. In total, about 2,000 computers and IT systems need to be repaired.
Catch up on more articles here
Follow us on Twitter here