HSE hack a 'wake-up call' says Cork cyber expert

A Cork cyber security expert has said the encryption key is “a ray of hope” but the HSE hack is a “serious wake-up call”.

Ronan Murphy, who is the CEO of Smarttech247, has appeared on a myriad of TV and radio channels, offering insight to the cyber attack on the health service.

“It’s important to have accurate commentary on this, there is a lot of fake news around the situation; as someone who works in this industry and understands the nuances, it’s good to share the knowledge,” Mr Murphy said.

The hack was a “serious wake-up call” in relation to the need for investment in cybersecurity. “These attacks are more and more prevalent, it is like a warzone.”

Mr Murphy said the blueprint for this hack was out there. “This has happened again and again; it has to be taken seriously.”

He emphatically stressed that the data infiltrated by the criminal gang targeting the HSE had not been released, yet.

“The gang has said they will sell the data on Monday,” Mr Murphy said.

Due to the ransomware attack on our IT systems, there continues to be disruptions to our services. More details on service disruptions here: https://t.co/6WxGKGZp46 pic.twitter.com/gYVmUDVH4l

— HSE Ireland (@HSELive) May 21, 2021

Chatting about the breakthrough of an encryption key becoming available, the Cork cybersecurity expert said it was a “ray of light in a dark situation.”

While the encryption key is a great advancement in relation to the road back from the hack, Mr Murphy said it would bring resolution in weeks as opposed to months.

“Hackers spend a great deal of time on cyber attacks and in my experience, not as much time and energy on how to solve it. Encryption keys are notoriously buggy.”

Smarttech247, which has a number of large hospitals as clients, said they are working hard on rectifying the issue.

“Thankfully, none of the hospitals that are our responsibility has been directly compromised, but there is a knock-on effect due to the hack, and the staff are unable to access the information and data they need.”

Meanwhile, the Government did not pay a ransom or use diplomatic channels to obtain a decryption key that could unlock HSE data hit by a ransomware attack, the Taoiseach has said.

The key was made available on Thursday evening almost a week after the IT system was attacked.

The key was given to the Government by the organised crime group behind the cyber attack, but their reasons for doing so remain unclear.

Taoiseach Micheál Martin said: “No payment was made in relation to it at all. The security personnel don’t know the exact reason why the key was offered back.

“In of the operation of getting our services back and getting data systems back, it can help. But in itself, the process will still be slow.

“Certainly the decryption key, getting that is good, but in itself it doesn’t really take away from the enormous work that still lies ahead in of rebuilding the systems overall.” 

He indicated the rebuilding process will be weeks rather than months.

Responding to reports that the criminals responsible intend to start selling and publishing HSE data online from Monday, Mr Martin said: “We’ve always said that the danger is there for data to be dumped.

“But the High Court action, an injunction that the HSE secured, is a very powerful and strong one, which makes it a criminal act to reveal any data that has been illegally obtained or has been stolen from the HSE system.” The main purpose of the injunction is to put internet companies such as Google and Twitter on notice of a legal prohibition on the sharing and publication of the information.

Mr Martin said: “We are very encouraged and appreciate the collaboration and co-operation from the major social media companies in respect of this entire attack.

“But also in of working with us to make sure that any data that is inadvertently put up will be taken down immediately.” He said paying the ransom demanded by the criminals – reported to be 20 million dollars, or 16.5 million euro – “would create a pattern of behaviour that would be damaging to the state into the future”.