Statement on the Cyber Attack on HSE
From Department of the Environment, Climate and Communications
Published on
Last updated on
From Department of the Environment, Climate and Communications
Published on
Last updated on
The HSE became aware of a significant ransomware attack on some of its systems overnight. The National Cyber Security Centre (NCSC) was informed of the issue and immediately activated its crisis response plan.
The NCSC is intensively engaging with the HSE and deploying its resources to fully support the HSE in identifying the affected systems and to bring all systems back online.
The NCSC is also working with the HSE to identify the technical details of the malware used in this incident and will issue an advisory later to share these details.
The NCSC is also engaging with EU and other international partners to share information on this incident and to ensure that the HSE has immediate access to international cyber supports.
Minister Eamon Ryan and Minister of State Ossian Smyth were briefed by the NCSC earlier this morning and will be briefed again at midday. Both Ministers will be engaging with their colleagues in Government and senior HSE officials throughout the day.
Ransomware is a form of malicious software (malware) that encrypts a victim's files. The cyber attacker then demands a ransom from the victim to restore access to the data upon payment.
The National Cyber Security Centre (NCSC) was established in 2011.
The NCSC is composed of highly skilled, specialist technical civilian staff, with skillsets in areas such as computer science, software engineering, malware analysis, information technology forensics, cryptography, software development, and cyber security compliance, as well as general cyber security skills.
A key function of the National Cyber Security Centre (NCSC) is to support the management of major cyber security incidents, provide guidance and advice to citizens and businesses, and manage cyber security related risks to key services.
The NCSC is also responsible for cyber risk and incident handling in the State and provides early warnings, alerts, announcements and dissemination of information about risk and incidents to relevant stakeholder and provides dynamic risk and incident analysis and situational awareness on an ongoing basis during live cyber security incidents.