Ireland shuts down health IT system after ransomware attack


The requested article has expired, and is no longer available. Any related articles, and user comments are shown below.

© 2021 AFP

©2021 GPlusMedia Inc.

Login to comment

The DarkSide ransomware affiliate program responsible for the six-day outage at Colonial Pipeline this week that led to fuel shortages and price spikes across the country is running for the hills. The crime gang announced it was closing up shop after its servers were seized and someone drained the cryptocurrency from an account the group uses to pay affiliates.

“Servers were seized (country not named), money of advertisers and founders was transferred to an unknown account,” reads a message from a cybercrime forum reposted to the Russian OSINT Telegram channel.


It isn't known who took the money. Could be law enforcement or one of the founders decided it was just too hot to be left there. $17+M was in the account from over 80 other malware attacks. Darkside claims it wasn't them taking the money.

A few hours ago, we lost access to the public part of our infrastructure,” the message continues, explaining the outage affected its victim shaming blog where stolen data is published from victims who refuse to pay a ransom.

Hopefully, the bad guys lost.

REvil is the malware service provider that Darkside used. They have prohibited use against organizations like health care, so it is likely their infrastructure, which is world-wide, was not involved.

-2 ( +0 / -2 )

Hunt them all down, and bring them all to Justice.

3 ( +3 / -0 )

There's no Street cred. for taking down a Health System. Those responsible should face the wrath of everyone Globally, regardless of ilk, their own friends, their neighbors and even their own Families would be doing the World a Service by providing information about their whereabouts to the Authorities!

Act now, put these so called "hackers" out of business once and for all.

3 ( +3 / -0 )

Doing something like this to an entire countries Health service in the middle of a pandemic is so evil that some element of espionage could not be ruled out. Ireland tends to be critical of one country in particular.

2 ( +2 / -0 )

Nothing new with ransomware attacks including one on the UK NHS a couple of years ago. Shameful that the Irish didn't employ enough qualified staff and computer systems to protect the DATA.

-3 ( +0 / -3 )

Unfortunately these things will most likely increase.

I'm curious as to how they did it. Would separated, redundant data solve for things like this?

0 ( +1 / -1 )

Zichi, where did you get that opinion from? Did you just dream it up or do you have evidence for it?

You skew the criticicm towards Ireland and away from the vermin that have done this.

Whoever did it will get their payback. Trust me.

2 ( +2 / -0 )

Would separated, redundant data solve for things like this?

I think it's a very complex problem. I assume a national health service at some point wants to have all a person's medical records viewable at one time - for GPs for example. But those records may come from various sources - the GP's notes, the x-ray place at the local hospital, the blood testing clinic, the local covid vaccination centre, etc. It is speeded up if records are connected over the internet. But it leaves open lots of issues - who should see what at any point in the network.

Sad to say, but maybe the fax approach has some benefits.

-1 ( +0 / -1 )

Another headline reads:

"largest gasoline pipeline — hit last week by a ransomware attack".

Latest reports suggest this attack on Irelands Health System is the nastywork of the same Scumbags who did it on that USA gas pipeline.

Whatever about a gasoline pipeline, who could do such a thing to a nations health system?

The scum of the earth.

But it is also really bizarre and totally out of order to start blaming the victims (as one comment above).

Until this particular group are caught, every and any form of organization is at risk.

1 ( +1 / -0 )

According to several sources, Colonial Pipeline paid a $5m ransom, incentivising the next round of attacks.

You should never pay these guys. Doing so turns every other vulnerable system into a jackpot prize.

Keep infrastructure systems off the net. Prioritise your IT security (hardly any infrastructure/govt. projects do). Airgap your intranet and your internet-facing systems with human beings. Distribute your data and software. And train your staff so they don't do the idiot things that usually allow ransomware access.

1 ( +1 / -0 )

Re: GBR48,

That is sound practical advice.

New Zealand health service attacked today.

Who is next?

If these hackers are consistently coming from identifiable countries, and they never attack those countries, then action needs to be taken against those countries at UN level on this issue.

0 ( +0 / -0 )

Login to leave a comment

Facebook users

Use your Facebook account to login or register with JapanToday. By doing so, you will also receive an email inviting you to receive our news alerts.

Facebook Connect

Login with your JapanToday account

User registration

Articles, Offers & Useful Resources

A mix of what's trending on our other sites