Irish Health Service official known as the Health Service Executive (HSE) a government-funded healthcare system was hit by a ransomware attack on Friday this week bringing the testing and treatment of Covid 19 patients to a halt. However, the vaccination program was going as per the earlier plan and the emergency services were operating normally.
Conti Ransomware gang is believed to be behind the incident, but an official announcement from the Irish Health Service, a division of Toshiba is awaited.
Conti is known as a malware spreading gang that indulges in double extortion( data steal before encryption) until a ransom is paid. And if the victim fails to bow down to the demands, then the data that is stolen before encryption is sold on the dark web.
A spokesperson from HSE stated that the attack was a human-led incident that might keep the network disrupted for weeks to come.
Note 1- The incident came to light when the whole world was busy discussing the developments related to the Colonial Pipeline hack that halted the gas delivery system in the South East States of North America.
Note 2- Conti Ransomware reportedly first appeared in May 2020 when the whole world was busy fighting with China propelled Wuhan Virus aka COVID 19. The file-encrypting malware spread by the Conti gang is said to be extremely sophisticated and is quick to spread fast in the network.
Note 3- Using layered network security, shutting down RDP Processes from connecting to the internet in an automated way, and keeping a backup of files for data continuity might help in countering Conti Ransomware attacks on company networks.