This unprecedented attempt to blackmail the State must never be allowed to recur
JUST as the prospect of a long, hot and free summer began to become a reality in people’s minds and hopes, two clouds appear on the horizon. The emergence of the Indian variant as one of significantly more transmissibility is of concern. Our proximity to Britain means that the warning it is likely to become the dominant strain in the UK is a worrying development, not least because of our porous border and the possibility that the major vaccines may have different levels of efficacy in dealing with it.
Of more immediate concern is the criminal attack on the State by hackers intent on leveraging the medical records of the most vulnerable among us for monetary gain. The mindset of those who would attack during a global pandemic is incomprehensible to most.
The existence of the threat of a cyberattack, however, cannot have come as a surprise to those tasked with protecting the information now under threat. It is too early to say what has occurred, with the HSE’s Dr
Colm Henry saying it may take days to resolve.
The State, quite correctly, has confirmed its lack of intention to pay the ransom that has been demanded. Such a move would, in the words of HSE chief Paul Reid, ‘open a Pandora’s box’.
Junior Minister Ossian Smyth, whose portfolio includes ‘eGovernment’, has said the attacking criminals used a previously unknown technological vulnerability.
If this is the case, it might seem unfair to blame those in charge of the HSE for failing to prevent this assault on its IT system. But as we reveal today, the HSE’s expenditure on IT security is miniscule - and well below acceptable international standards.
Once the immediate issue is resolved, hopefully without the release of sensitive information and certainly without the payment of any ransom, significant questions will have to be answered.
A robust timeline of events leading to this unprecedented blackmail attempt will have to be established. If failures in cybersecurity or resource management led to vulnerabilities in the State’s protection against such crime, lessons must be learned.
If warnings from other applicable attacks, such as the one on the UK’s NHS in 2017, were not heeded appropriately, questions will have to be asked.
We will need a full and quick inquiry into any potential failings within the HSE that allowed this to happen.
This newspaper will reserve judgement until the facts are brought to light. We wish well those tasked with restoring the system at a time of vital national importance, and we hope the impact on the State’s response to the pandemic and the health service, in general, is minimised and ultimately eradicated. All efforts must be made to find and prosecute the attackers who were able to shut down our entire health service with the click of a computer mouse, sending it ‘back to the stone age’, as one medic said yesterday.
Our enduring respect goes out to those on the frontline who have been forced to return to working with pen and paper to maintain the best level of care they can in these circumstances. Their heroism continues to inspire us, as it has done throughout the pandemic.
They certainly do not deserve to be held hostage by faceless online criminals, who use their technological aptitude and callous lack of morality, to strike while the world is on its knees.