Skip to the main content.
Talk to sales Start for free
Talk to sales Start for free

3 min read

Conti ransomware attack on Ireland’s healthcare system may cost over €100M

Conti ransomware attack on Ireland’s healthcare system may cost over €100M

In May 2021, a Conti ransomware attack crippled Ireland’s Health Service Executive (HSE). And unfortunately, the country’s public hospital system is still feeling the effects.

RELATEDWhat is ransomware and how to protect against it

The costs of cyberattacks—shut down services, angry patients, and extraordinary monetary costs—are detrimental to healthcare industries worldwide. For healthcare  covered entities, keeping  protected health information (PHI) safe is a crucial part of patient care.

For those in the U.S. under the  HIPAA Act, strong cybersecurity measures, such as  HIPAA compliant email, are essential.

 

Conti ransomware-as-a-service

 

Conti ransomware is a known ransomware-as-a-service that exploits weaknesses in Microsoft products. A U.S. joint advisory notes that the threat actors probably pay users a wage rather than a percentage of the proceeds.

RELATED: What is a nation-state threat actor?

Cyberattackers have long since gone after the healthcare industry as a  lucrative target. Especially for groups, like Conti, that encrypt sensitive information then hold it for  ransom. Based in Russia, Conti’s developers regularly attack healthcare. Recently, the Conti group even announced that it would support Russia’s invasion of Ukraine.

SEE ALSO: AHA warns Russia’s invasion of Ukraine could lead to U.S. healthcare cyberattacks

The Conti developers claimed responsibility for at least 16 cyberattacks within the U.S. Its cyberattacks internationally have risen to more than 1,000.

 

What happened to HSE in 2021?

 

In 2021, HSE discovered a large-scale ransomware attack that shut down its healthcare IT systems nationwide. The cybercriminals (Russian-based Wizard Spider) used Conti ransomware within a malicious Microsoft Excel file attached to a  phishing email.

SEE ALSO: Compromised employee accounts are an expensive problem according to IBM report

The attack led to several immediate problems for HSE’s hospitals:

 

  • EHR (electronic health record) downtime
  • Staff reverting to pen and paper records
  • Appointment cancellations
  • 80% of HSE data encrypted
  • 700 GB of unencrypted PHI exfiltrated

 

The hackers provided a decryption tool for free but threatened to publish the information publicly if they didn’t receive the $20 million bitcoin ransom. HSE refused to pay and the threat group exposed PHI, including COVID-19 vaccination information. Recovery from the above problems took months but does not represent the end of HSE’s issues.

 

Ransomware recovery is long and costly

 

According to ransomware experts, ransomware recovery is a lengthy, complex process with huge expenses from lost time to lost opportunities. To add to this are exorbitant monetary costs:

 

  • Ransom (if paid)
  • Recovery and decryption fees
  • Cybersecurity additions and alterations
  • Lawsuits
  • Governmental fines

 

RELATED: What is a HIPAA violation?

For example, Scripps Health took weeks to get its system back online and suffered $112.7 million in lost revenue. At the moment, HSE’s costs have reached €43 million for IT changes, cyber/strategic partner support, and vendor support. HSE forecasts that expenses could reach as high as €100 million but of course, there are also the costs to patient care.

Lawsuits from patients are pending. While the costs of Ireland’s cyberattack seem high, the numbers show that HSE is serious about improving its cybersecurity.

 

Avoid the costs and headaches

 

We recently summarized a Health Sector Cybersecurity Coordinate Center (HC3) brief urging U.S. healthcare organizations to learn from Ireland’s cyberattack. According to HC3, the problems boil down to missing leadership and up-to-date plans that focus on before, during, and after an attack.

RELATED: Avoid the worst-case scenario with a business continuity plan

HC3 further stated that HSE over-relied on its antivirus software, which is why it added helpful cybersecurity safeguards:

 

 

And of course, strong  email security to block phishing emails from ever making it into an inbox.

 

Ensure HIPAA compliant email with Paubox Email Suite Plus

 

Paubox Email Suite Plus provides needed email security and strong HIPAA compliant email. Our  HITRUST CSF certified solution encrypts all outbound email, which can be sent directly from an existing email platform (e.g.,  Microsoft 365 or  Google Workspace). No extra passwords,  portals, or logins are necessary.

SEE ALSOHow to get employees to use encrypted email

And it blocks incoming phishing messages and other email threats from even reaching an inbox. Our  Zero Trust Email feature requires an additional piece of evidence and keeps  malware from being delivered.

The costs of a cyberattack, especially a ransomware attack, can add up and be astronomical. It's best to avoid having to deal with this by utilizing solid cybersecurity measures before a threat group causes complications.

 

Try Paubox Email Suite Plus for FREE today.

Subscribe to Paubox Weekly

Every Friday we'll bring you the most important news from Paubox. Our aim is to make you smarter, faster.