Tusla issues child protection warning after malware attack

Child and Family Agency may not have received reports of concerns since Friday

Tusla, the Child and Family Agency, has warned that it may not have received reports of child protection concerns sent to it by email since last Friday, due to the global malware attack.

The agency also said that it would not be able to receive such reports until at least Wednesday, due to precautionary measures following the attack.

In a statement on Monday, Tusla asked that anyone who had reported a child protection concern to the agency by email since Friday, or who had a concern about a child, to contact their local social work duty team immediately.

Three hospitals in Ireland have been hit by the WannaCry attack that has affected computer systems across the world.

External communication to the Irish health service’s servers has been blocked until Wednesday to stop the spread of the virus.

HSE officials have confirmed that up to 20 of its computers had been affected.

In its statement, Tusla said both it and the HSE had taken a number of steps to protect their joint ICT systems.

“All external emails have been blocked since Friday evening as a precautionary measure while security work is undertaken, and staff currently have no access to emails.”

External communications

The statement said the Tusla network would continue to be disconnected from external communications for another 48 hours as a precaution, meaning that emails from outside Tusla would continue to be blocked.

“In many situations, Tusla relies on referrals from members of the public and organisations and individuals working with children to identify children at risk.

“If anyone has reported a child protection concern to Tusla by email since Friday evening, please be advised that this may not have been received,” the organisation said.

“We ask anyone who has reported a child protection concern by email since Friday, or who has a concern about a child, to contact their local social work duty team immediately.”

Contact details for all social work duty teams are available on the Tusla website.

Anyone concerned about an immediate risk to a child could also contact An Garda Síochána.

Minister’s statement

Minister for Communications Denis Naughten is briefing the Cabinet sub-committee on infrastructure, environment and climate action on the attack on Monday afternoon.

In a statement beforehand, Mr Naughten said: “There have been no further reported incidences of the WannaCry2 malware in Ireland, beyond the isolated case in a HSE-funded facility in Wexford on Saturday.”

However, he said it was still possible that further incidences would arise and that “a sustained period of vigilance” would be required, both in terms of updating and patching software and monitoring equipment.

Mr Naughten said the National Cyber Security Centre (NCSC) in the Department of Communications, Climate Action and Environment was monitoring the situation on an ongoing basis.

He said the NCSC remained in close contact with international counterparts and with public and private sector entities in Ireland, “both in terms of . . . dealing with the threat and taking measures to ensure that the impact of any future variants of this malware is limited”.

The NCSC was also co-operating with the Garda Cyber Crime Bureau and with the Defence Forces on the issue, and would bring any evidential material to the attention of gardaí immediately, Mr Naughten said.

The NCSC issued advisory notices to Government departments and agencies over the weekend.

Its latest, issued on Monday morning, gives a detailed assessment of the malware type and of the measures that entities might take to deal with it.

The notice also provides material that entities might use to inform staff of the risks that arise in this space and the general measures that they should take on a daily basis to prevent ransomware.

Mr Naughten will update the Cabinet on the attack on Tuesday.