RTÉ reports:
The Health Service Executive’s National Clinical Adviser for Acute Operations has said there is an “enormous risk” across health services following the cyber attack last week which forced a shutdown of the HSE’s IT systems.
Speaking on RTÉ’s Morning Ireland, Dr Vida Hamilton said it is a “major disaster” and described it as a stressful time in hospitals.
“There is enormous risk in the system and everything has to be done so slowly and carefully to mitigate that risk,” Dr Hamilton said.
She said 90% of acute hospitals are substantially impacted by this cyber attack and it is affecting every aspect of patient care.
Read more on RTÉ.
So this is exactly the type of impact we have often cautioned could happen with an attack on the healthcare sector. The HSE incident seems to be getting more media coverage than other similar attacks, perhaps because it is national, but the risks have been known for years now.
So when all is said and done, when it comes time for the forensics, what was HSE’s security like prior to the attack? What was their backup system like? Had they really used “best practices?” Yes, the blame belongs to the criminals, but had HSE deployed reasonable security given the times?
And will this be the incident that puts so much heat on Conti and other ransomware groups that Conti ducks for cover and other groups now exclude healthcare as carefully as they have excluded Russian or CIS entities? Right now, it doesn’t seem that way. They may not get the $20 million they have demanded, but unless something changes, they will live to extort another day.