Conti ransomware attack on Ireland’s healthcare system may cost over €100M

Featured image

Share this article

Hackensack Meridian Health hit by ransomware

In May 2021, a Conti ransomware attack crippled Ireland’s Health Service Executive (HSE). And unfortunately, the country’s public hospital system is still feeling the effects.

RELATEDWhat is ransomware and how to protect against it

The costs of cyberattacks—shut down services, angry patients, and extraordinary monetary costs—are detrimental to healthcare industries worldwide.

For healthcare covered entities, keeping protected health information (PHI) safe is a crucial part of patient care. For those in the U.S. under the HIPAA Act, strong cybersecurity measures, such as HIPAA compliant email, are essential.

Conti ransomware-as-a-service

Conti ransomware is a known ransomware-as-a-service that exploits weaknesses in Microsoft products. A U.S. joint advisory notes that the threat actors probably pay users a wage rather than a percentage of the proceeds.

RELATED: What is a nation-state threat actor?

Cyberattackers have long since gone after the healthcare industry as a lucrative target. Especially for groups, like Conti, that encrypt sensitive information then hold it for ransom.

Based in Russia, Conti’s developers regularly attack healthcare. Recently, the Conti group even announced that it would support Russia’s invasion of Ukraine.

SEE ALSO: AHA warns Russia’s invasion of Ukraine could lead to U.S. healthcare cyberattacks

The Conti developers claimed responsibility for at least 16 cyberattacks within the U.S. Its cyberattacks internationally have risen to more than 1,000.

What happened to HSE in 2021?

In 2021, HSE discovered a large-scale ransomware attack that shut down its healthcare IT systems nationwide. The cybercriminals (Russian-based Wizard Spider) used Conti ransomware within a malicious Microsoft Excel file attached to a phishing email.

SEE ALSO: Compromised employee accounts are an expensive problem according to IBM report

The attack led to several immediate problems for HSE’s hospitals:

  • EHR (electronic health record) downtime
  • Staff reverting to pen and paper records
  • Appointment cancellations
  • 80% of HSE data encrypted
  • 700 GB of unencrypted PHI exfiltrated

The hackers provided a decryption tool for free but threatened to publish the information publicly if they didn’t receive the $20 million bitcoin ransom. HSE refused to pay and the threat group exposed PHI, including COVID-19 vaccination information.

Recovery from the above problems took months but does not represent the end of HSE’s issues.

Ransomware recovery is long and costly

According to ransomware experts, ransomware recovery is a lengthy, complex process with huge expenses from lost time to lost opportunities. To add to this are exorbitant monetary costs:

  • Ransom (if paid)
  • Recovery and decryption fees
  • Cybersecurity additions and alterations
  • Lawsuits
  • Governmental fines

RELATED: What is a HIPAA violation?

For example, Scripps Health took weeks to get its system back online and suffered $112.7 million in lost revenue.

At the moment, HSE’s costs have reached €43 million for IT changes, cyber/strategic partner support, and vendor support.

HSE forecasts that expenses could reach as high as €100 million but of course, there are also the costs to patient care. Lawsuits from patients are pending.

While the costs of Ireland’s cyberattack seem high, the numbers show that HSE is serious about improving its cybersecurity.

Avoid the costs and headaches

We recently summarized a Health Sector Cybersecurity Coordinate Center (HC3) brief urging U.S. healthcare organizations to learn from Ireland’s cyberattack. According to HC3, the problems boil down to missing leadership and up-to-date plans that focus on before, during, and after an attack.

RELATED: Avoid the worst-case scenario with a business continuity plan

HC3 further stated that HSE over-relied on its antivirus software, which is why it added helpful cybersecurity safeguards:

And of course, strong email security to block phishing emails from ever making it into an inbox.

Ensure HIPAA compliant email with Paubox Email Suite Plus

Paubox Email Suite Plus provides needed email security and strong HIPAA compliant email. Our HITRUST CSF certified solution encrypts all outbound email, which can be sent directly from an existing email platform (e.g., Microsoft 365 or Google Workspace).

No extra passwords, portals, or logins are necessary.

SEE ALSOHow to get employees to use encrypted email

And it blocks incoming phishing messages and other email threats from even reaching an inbox. Our Zero Trust Email feature requires an additional piece of evidence and keeps malware from being delivered.

The costs of a cyberattack, especially a ransomware attack, can add up and be astronomical. It’s best to avoid having to deal with this by utilizing solid cybersecurity measures before a threat group causes complications.

Try Paubox Email Suite Plus for FREE today.
Author Photo

About the author

Kapua Iao

Read more by Kapua Iao

Get started with
end-to-end protection

Bolster your organization’s security with healthcare’s most trusted HIPAA compliant email solution

The #1-rated email encryption 
and security software on G2

G2 Badge: Email Encryption Leader Fall 2022
G2 Badge: Security Best Usability Fall 2022
G2 Badge: Encryption Momentum Leader Fall 2022
G2 Badge: Security Best Relationship Fall 2022
G2 Badge: Security Users Most Likely to Recommend Fall 2022
G2 Badge: Email Gateway Best Relationship Fall 2022
G2 Badge: Email Gateway Best Meets Requirements Fall 2022
G2 Badge - Users Most Likely to Recommend Summer 2022
G2 Badge: Email Gateway Best Results Fall 2022
G2 Badge: Email Gateway Best Usability Fall 2022
G2 Badge: Email Gateway Best Support Fall 2022
G2 Badge: Email Gateway Easiest To Use Fall 2022
G2 Badge: Email Gateway Easiest Setup Fall 2022
G2 Badge: Email Gateway Easiest Admin Fall 2022
G2 Badge: Email Gateway Easiest to do Business with Fall 2022
G2 Badge: Email Gateway Highest User Adoption 2022
G2 Badge: Email Gateway High Performer Fall 2022
G2 Badge: Email Gateway Momentum Leader Fall 2022
G2 Badge: Email Gateway Most Implementable Fall 2022
G2 Badge: Email Gateway Users Most Likely to Recommend Fall 2022