State computer systems avoid latest cyberattack

Civil Service alerted to ‘imminent threat’ on Tuesday as ‘Petya’ virus hits across globe

A laptop screen displays a message after it was infected with ransomware during a worldwide cyberattack, in Geldrop, Netherlands. Photograph: Rob Engelaar/EPA
A laptop screen displays a message after it was infected with ransomware during a worldwide cyberattack, in Geldrop, Netherlands. Photograph: Rob Engelaar/EPA

There has been no recorded incident of the latest global cyberattack targeting State computer systems.

The Health Service Executive (HSE) chief information officer Richard Cobridge said the Civil Service was alerted of an "imminent threat" to cybersecurity at 3.30pm on Tuesday.

All HSE hospitals were alerted immediately when a warning was received after the first outbreak of the cyberattack in eastern Europe on Tuesday. By 6pm on Tuesday evening the whole hospital system was “fully protected” against an attempted cyberattack, Mr Cobridge said.

“There were lessons learned from the last ransomware attack and there was a good proactive response from the Irish Civil Service. There was a very collaborative response with a lot of information sharing across the board. It was extremely impressive” he said. Anti-virus software has been updated across the HSE’s computer systems since the cyberattack in May.

READ SOME MORE

A spokesman from the National Cyber Security Centre (NCSC) said “the incident remains very limited in terms of scope, with around 2,000 victims globally”.

The NCSC are liaising with international companies affected by the cyberattack who have offices in Ireland, but no instance of the virus on any of the companies Irish computer systems have been identified.

The Minister for Communications Denis Naughten met the head of the National Cyber Security Centre Dr Richard Browne on Tuesday and Wednesday. A spokeswoman said "the Minister is being kept updated on the recent cyberattack, which is an ongoing situation".

The cyberattack is very similar to the ransomware virus called WannaCry that spread to more than 150 countries in May. The new virus, called “Petya” targets a vulnerability in older Windows XP computer systems, shutting down the computer and demanding a $300 ransom payment from the user to unlock their computer again.

This virus was not as widespread as the last global ransomware attack, which shut down some NHS hospital services in the UK. A number of international companies with offices in Ireland were affected by the Petya virus, including US pharmaceutical company MSD and UK advertising agency WPP.

The virus is still active, but the email account the hacker used to communicate with computer users and demand a payment has been shut down. The German email server Posteo said they shut down the email address linked to the cyberattack, and have reported the issue to the German federal police.

‘Worm’ hack

Computer users affected by the cyberattack are advised to not pay the ransom, as since the hacker’s email has been shut down there is no way to communicate with the hacker to confirm you have paid and request your computer be unlocked.

The Petya virus operates as a “worm” type hack. This means once it is inadvertently downloaded on to one computer, it can spread to all other computers who are on the same system, either in a company or State agency.

The cyberattack started in the Ukraine, and hit numerous government and business computer systems before spreading across Europe to France, Germany, the UK, and to systems in the US.

Simon Collins, Irish director of cybersecurity at global firm EY, said the second global ransomware cyberattack should be taken as the “final wake-up call that cyberattackers are not going away”.

Mr Collins said the cost of repairing damage and improving cybersecurity from the recent incidents was likely to cost companies hundreds of millions of dollars across the global economy.

“Basic cybersecurity measures can significantly reduce the risks of becoming a victim in the first place,” he said.

He added companies and State agencies should focus on training staff on how to spot and avoid potential malware viruses, and they should ensure computer systems have the latest anti-virus software and security patches installed.

Jack Power

Jack Power

Jack Power is acting Europe Correspondent of The Irish Times