- THE Russian crime gang who have crippled the HSE in a cyber attack are also holding the Department of Health to ransom.
- The Conti ransomware operation is believed to be run by an Eastern European cybercrime group known as Wizard Spider.
- Foreign Affairs Minister Simon Coveney tonight said a “war room” has been set up as the Government and health service chiefs fight to safely restore their systems without having to pay the web crooks.
- We revealed yesterday that the gang has demanded up to €16million in ransom off the HSE and they had access to its network for two weeks.
- Minister Coveney said there were “real consequences” to paying criminals ransom.
- It was claimed that the hack on the health service has forced the HSE “back 20 years” with GPs being asked to only make referrals if it is considered urgent.
- In previous attacks conducted by the Wizard Spider group, phishing attacks are used to install Trickbot and BazarLoader trojans that offer remote access to infected machines.
- They then steal credentials and harvest unencrypted data stored on workstations and servers before encrypting all of the devices.
- They then use the stolen data as leverage to force victims into paying a ransom by threatening to release it on their ransom data leak site if they do not receive payment.
- The hackers claim to have stolen 700GB of unencrypted files from the HSE — including patient and employee information — while lurking on its system for two weeks.
- Hospitals across the country reported of being severely impacted by the cyber attack.
– Aoife Horan and Harry Manning | May 16, 2021
