State agencies and businesses are on alert on Monday morning amid fears that a computer virus that has wrought havoc across the world could spread to Ireland as people return to work.
Health service staff are being encouraged not to log on to their computers before they are updated with security patches and anti-virus capability, and the Health Service Executive (HSE) is particularly concerned about potential vulnerabilities on general practitioners' computers.
Minister for Communications Denis Naughten said this morning would be "a crucial test" for the State's IT infrastructure. He urged people not to open any unusual emails and to approach all online correspondence with caution.
"We have been extremely lucky so far but today will be a crucial test," he said. "We are not immune from the threat so we remain cautious. The Department of Communications is liaising with our counterparts in the cyber unit in An Garda Síochána and across Europe. "
Cybersecurity experts said the spread of the virus dubbed “WannaCry” – a “ransomware worm” that locked up more than 200,000 computers – had slowed, but the respite might only be brief. New versions of the worm are expected, and the extent of global damage from Friday’s attack remains unclear.
Europol investigation
Europol said the attack was at an “unprecedented level” and would require a complex international investigation to identify the culprits. It estimated the cyber assault hit 200,000 victims in at least 150 countries, and that number would rise when people returned to work on Monday.
The Health Service Executive believes it will be evident from 10am if data has been compromised. A healthcare facility in Co Wexford was affected by the cyber attack, but as of Sunday evening neither the HSE nor An Garda Síochána was aware of any other assault on any State computer system from the wave of international ransomware attacks.
Richard Corbridge, chief information officer with the HSE, said he was unable to assess the scale of the damage at the Co Wexford facility until the site was visited on Monday morning. A small number of machines will have to be removed and the data compromised will not be recoverable. It was unclear whether patient data had been accessed, but Mr Corbridge said it was unlikely.
Mr Corbridge told The Irish Times his team had been liaising with unions to ensure all GPs were informed of the protocols in place. "We have built up capacity to a position where we had the systems in place to react promptly. Thirty staff have been working over the weekend to ensure we are best-placed to counter the threat."
Operating system vulnerability
There are 49,000 computers in the HSE, 1,500 of which use Microsoft XP, an operating system where a key vulnerability has been identified. Mr Corbridge said these devices would be the primary focus for the IT staff.
Taoiseach Enda Kenny said on Saturday the cyber attack was being monitored very closely. Business group Ibec said it was liaising with the Department of Communications to monitor the threat to Irish businesses.
Worldwide targets included public bodies and large corporations. Hundreds of hospitals and clinics in the British National Health Service were infected on Friday, forcing them to send patients to other facilities. Renault said it had halted manufacturing at plants in France and Romania to prevent the spread of ransomware in its systems.
German rail operator Deutsche Bahn said some electronic signs at stations announcing arrivals and departures were affected, while a Nissan plant in Sunderland, England, was also hit.