[ad_1]
Ireland is examining a decryption tool that could end the week-long shutdown of its health service’s hacked computer system and has also secured a court order preventing it from sharing and publishing stolen data.
In a statement on Thursday evening, the Irish government said it had made available a decryption tool “that can support work in progress [to] repair the impact of the cyberattack on the computer systems of the HSE (Health Service Executive) ”.
As part of the attack, hackers encrypted the data so that the HSE could not access it. The tool will allow the HSE to re-access the data, if it works.
Separately, the Dublin High Court granted the HSE a court order preventing anyone from sharing, processing, selling or publishing data stolen by hackers. The HSE said the action was designed to make it illegal for sites like Google and Twitter to share information.
The news came less than 24 hours after hackers reported that patients and other confidential data would be posted online and sold unless a $ 20 million ransom is paid on Monday. The hacking, which began in the early hours of May 14, forced Ireland to shut down most of its health computer systems, causing a huge disruption.
Health Minister Stephen Donnelly stressed on Thursday that no ransom had been paid for the decryption key. An online chat seen by FT shows that the key was provided by an account called ContiLocker Team.
Ireland has said the Conti hacker group is behind the attack. The ContiLocker Team account has shared a sample of 27 files that include information related to 12 designated people, the Financial Times reported Wednesday.
The government said investigators were conducting a “detailed technical process to ensure the integrity of this decryption tool… To ensure that this tool would support the restoration of our systems, rather than causing further damage.” .
Investigators have not confirmed the leak, but Irish Communications Minister Eamon Ryan, who oversees the National Cyber Security Center, called the FT report “credible and accurate”.
A chat entry between ContiLocker Team and an unnamed account on Wednesday night warned: “On Monday we will start selling and posting your data.” Online chat is on the dark web, a section of the Internet that can only be accessed through an anonymous browser known as Tor.
The ContiLocker team claims to have stolen 700 GB of HSE data, including patient files, payroll information, bank statements and business documents.
The FT examined a medical file that included an admission report, doctors ’letters, and lab reports for a person, along with contact details of their closest relatives and other personal information. The details of the file matched a publicly available death notice.
Six days after the ransomware attack, doctors warned him patient care is being affected by postponed visits for services such as radiation checks, X-rays, and cervical cancer, as well as difficulties in accessing patient test results.
Thursday morning, a senior HSE executive, Dr. Vida Hamilton He told Ireland’s RTE radio station that there was a “huge risk” in hospitals as a result of the hacking. “We know nothing about the individual. We have no graphs, no registration number, ”he said, describing how manual processes introduced“ delay and risk of error ”.
While hackers have caused many other casualties, including a recent ransomware attack on a U.S. oil pipeline that caused fuel shortages, scrutiny has increasingly focused on the shortcomings that led to the HSE was vulnerable.
Thursday’s Irish Times reports described how internal audits are marked “Weaknesses” to the HSE’s security and disaster recovery protocols three years ago.
[ad_2]
Source link
