James Ward and Michelle Devane, PA
The Government did not pay a ransom or use diplomatic channels to obtain a decryption key that could unlock HSE data hit by a ransomware attack, the Taoiseach has said.
The key was made available on Thursday evening almost a week after the IT system was attacked.
The key was given to the Government by the organised crime group behind the cyberattack, but their reasons for doing so remain unclear.
Taoiseach Micheál Martin said: “No payment was made in relation to it at all. The security personnel don’t know the exact reason why the key was offered back.
“In terms of the operation of getting our services back and getting data systems back, it can help. But in itself, the process will still be slow.
“Certainly the decryption key, getting that is good, but in itself it doesn’t really take away from the enormous work that still lies ahead in terms of rebuilding the systems overall.”
He indicated the rebuilding process will be weeks rather than months.
Responding to reports that the criminals responsible intend to start selling and publishing HSE data online from Monday, Mr Martin said: “We’ve always said that the danger is there for data to be dumped.
“But the High Court action, an injunction that the HSE secured, is a very powerful and strong one, which makes it a criminal act to reveal any data that has been illegally obtained or has been stolen from the HSE system.”
The main purpose of the injunction is to put internet companies such as Google and Twitter on notice of a legal prohibition on the sharing and publication of the information.
Mr Martin said: “We are very encouraged and appreciate the collaboration and co-operation from the major social media companies in respect of this entire attack.
“But also in terms of working with us to make sure that any data that is inadvertently put up will be taken down immediately.”
— HSE Ireland (@HSELive) May 20, 2021
He said paying the ransom demanded by the criminals – reported to be $20 million, or €16.5 million – “would create a pattern of behaviour that would be damaging to the state into the future”.
Earlier, the acting Minister for Justice said the hackers have “no regard for human life”.
They have caused “untold chaos” in the health system, Heather Humphreys added.
The ransomware attack resulted in the HSE having to close down all its IT services, causing widespread delays and the cancellation of appointments at hospitals across the country.
Ms Humphreys said the National Cyber Security Centre (NCSC) and the Garda in tandem with US and European partners were “investigating all avenues”.
“I cannot say who it is. We don’t know,” she said. “But what we do know is that they are criminals. They have no regard for human life.
“They don’t care that they have caused untold chaos in our health service. And you have to consider this is following on from a very difficult year that we’ve all had in terms of Covid.”
Speaking at the launch of the Tidy Towns Competition in Co Monaghan, the Cavan-Monaghan TD said the Government had not paid any ransom to secure the decryption key.
— Heather Humphreys (@HHumphreysFG) May 21, 2021
She added it was being examined “very carefully” by the HSE and NCSC, and appealed to anyone who is contacted by scammers not to interact with them.
“I would say to anyone who gets a call from criminals looking for money or looking for their details or the PPS number, don’t give it to them. Report it to the gardaí. Or go on to the Garda confidential line,” she said.
The number of appointments in some areas of the system has dropped by 80 per cent as health workers grapple with paper records while work continues to recover IT systems.
The NCSC and the Garda National Cyber Crime Bureau are carrying out an international investigation into the attack.