Ireland Tests Decrypt Tool After ‘Catastrophic’ Ransomware Attack

google, encryption key

Tool being tested after ‘stomach-churning’ ransomware attack that crippled Ireland’s health IT systems during Coroavirus pandemic

Irish authorities are reportedly testing a decrypt tool to see if stolen health data can be recovered.

Last week the health service in Ireland suffered a ‘significant ransomware attack’ that forced the shutdown of health IT systems across the republic.

Medical staff have reportedly had to resort to paper records, and the number of appointments in some parts of the Republic has dropped by 80 percent since the attack. There have been cancellations of outpatient services as well.

Tool testing

According to Irish broadcaster RTE, the Irish National Cyber Security Centre and private IT specialist contractors are “testing and assessing the integrity of a decryption tool to determine if it is safe to use on healthcare systems…”

RTE also reported that the Health Service Executive has secured a High Court order preventing the Russia-based hackers or any individual or business sharing, processing, or selling the information.

That came after criminals behind the attack threatened to release the data on the internet.

The Irish government has said it has not, and will not pay a ransom, and it added that the provision of the decryption tool is encouraging, and may get hospitals and the health care system back to normal sooner.

Minister for Health Stephen Donnelly said that it is unclear why the decryption key was made available and it came as a surprise.

He reportedly said he did not want to speculate as to why the hackers did this.

Stomach-churning

However the public condemnation of the ransomware attack on health IT systems, during the Coronavirus pandemic, have been very clear.

On Thursday, the head of the Health Service Executive (HSE) Paul Reid described the impact of the cyber attack as ‘catastrophic’ and ‘stomach-churning.’

Reid was quoted by Sky News as saying that the attack was a ‘callous act’ on health workers who have been working ‘relentlessly through the pandemic’.

“I really do believe this is quite a stomach-churning criminal act,” he said. “To launch an attack of such a massive scale on sick and vulnerable people in this country in the midst of a global pandemic is quite an extraordinary thing to do.”

“There is no doubt it is a vicious and a callous act and will be condemned everywhere by decent people,” Reid reportedly said.

“It is also specifically an attack on health care workers, having worked relentlessly for 15 months, making many personal sacrifices and taking many personal risks and providing care for people most impacted by Covid-19,” he concluded.

The DarkSide criminals when they saw the devastation in the United States when they attacked Colonial Pipeline were quick to stress they were just after the money, and it was not a political attack.

DarkSide provided a decrypt tool but only after the company paid a $4.4 million ransom.

However in a salient lesson, Colonial Pipeline was not be able to recover all its downed systems, despite paying the ransom.