Key health services including MRI scans, X-rays and blood tests suffered a slowdown yesterday as the HSE shut down all email communication to protect its computer system from the global ransomware cyber virus.
Despite the lockdown on all staff email accounts, the HSE said “patient care has been protected” and services were able to continue throughout the day.
The widespread lockdown of the HSE’s email system prevented the service’s main computer network from being infected with the global “WannaCry” ransomware virus, despite thousands of attempted attacks from the international cyber virus.
One hospital in Dublin recorded 5,000 attempts from the ransomware cyber virus to infiltrate its computer system on Saturday alone, a HSE spokesman said. But the virus was caught by the hospital’s IT security system.
The latest Microsoft security update, released in March to close the vulnerability in Windows operating systems to the ransomware virus, has been downloaded on to 28,000 HSE computers since Saturday. Some 52,000 computers and 2,350 servers have been updated with the most recent antivirus security software in an emergency IT blitz since news of the global cyber attack broke over the weekend. The HSE has estimated there are 1,500 computers still operating on the vulnerable unsupported Windows XP system. A HSE spokesperson outlined that IT staff have located more than half of the at-risk computers, and expect to find and address the remaining units by Wednesday.
Computer viruses were found in IT systems at three Irish hospitals on Monday afternoon, which the HSE initially suspected to be linked to the international ransomware virus. The HSE later found the breaches related to a separate computer virus, and internet access was suspended while the viruses were contained and dealt with.
“In all three cases, the hospital was returned to the health network and continued to deliver patient care with no impact,” a HSE spokesperson outlined.
The HSE shut down all staff access to email from Monday morning, and provisionally anticipates the IT restriction will be lifted by lunchtime on Tuesday. On Saturday, the health service cut off all external email communication, meaning staff could not send or receive emails from outside of the HSE’s internal network. A spokesman for the Health Service said they expected to restore external email access by Wednesday afternoon.
Richard Corbridge, chief information office at the HSE, said the virus is "still active" and there is still a threat to the service's computer system. The HSE antivirus security successfully rebuffed the internal ransomware cyber attack throughout the weekend and on Monday, Mr Corbridge said. The WannaCry ransomware virus infiltrates computers when users inadvertently download it by clicking on links or attachments in unsecure emails.
HSE management took the decision to suspend all staff email access in order to prevent the virus being accidentally downloaded into the internal computer system, while the health service’s IT teams updated the antivirus security protection across the HSE.
Stephen McMahon, chair of the Irish Patient Association, said there is a "big worry" about the impact of the slowdown due to the suspension of email access on the fragile health system. Mr McMahon also said the "security of patient information and patient services" needed to be protected throughout the IT lockdown across the service. The global wave of cyber attacks hit over 200,000 targets across 150 countries.
Some local HSE services and small operational functions that relied on computers were suspended on Monday, according to a spokesman for the HSE. The email shutdown also affected some of its “scheduling and appointment services”, a spokeswoman said.
There were three suspected cases in the HSE of the Wannacry malware by midday on Monday, but in each case it proved to be an older virus for which protection was available.