What happens when a country comes under ransomware attack?

Ireland has been hit by a “significant” ransomware attack forcing the country’s health services to shut their IT systems and cancel some medical appointments. 

The IT systems could take “days” to return to their normal functioning in what has been described by a government minister as “possibly the most significant cybercrime attack on the Irish State” ever, reports The Irish Times. 

Health service chief Paul Reid said there was a “human-operated” attempt to access data stored on central servers, possibly carried out by an international criminal organisation seeking to extort money. He told RTÉ that no ransom has been demanded at this stage, adding: “The key thing is to contain the issue. We are in the containment phase.” 

On Thursday, there were “two or three” distributed denial of service (DDOS) attacks on parts of the HSE system which were thought to be “routine” at the time, reports the Irish Times. But it is now thought the attacks may have been “forerunners” for the bigger attack, and that those behind this were “knocking on the door”, the paper says.

What is ransomware?

Ransomware are computer viruses that take over other people’s devices, often with the threat to delete files unless a payment is made. Typically it gets into a device by exploiting vulnerable software or tricking a person into installing it. Security experts call ransomware the “fastest growing form of computer virus”, the BBC reports.

Could this happen in the UK?

The UK has already suffered and experts warn it could easily happen again. 

Foreign Secretary Dominic Raab this week made his first major speech on cybersecurity, outlining the creation of a new National Cyber Force, which would carry out “offensive operations” against criminal gangs, including denying gangs “access to their infrastructure and undermining their network”, reports the BBC.

Raab issued a warning to Russia, saying the country should take responsibility for cybercriminals operating in the country. “Even if it is not directly linked to the state they have a responsibility to prosecute those gangs and individuals,” he said.

In 2017, Britain was one of the more than 150 countries affected by the WannaCry ransomware attack. The virus encrypted data on infected computers and demanded a ransom of around £230. 

At least 6,900 NHS appointments were cancelled because the systems closed down. A government report said the NHS had been particularly vulnerable because it had not followed cyber-security recommendations.

“NHS England said no patient data had been compromised or stolen and praised the staff response,” the BBC reported at the time.

Ciaran Martin, head of the UK’s National Cyber Security Centre, told The Guardian in 2018 that a major attack was imminent and that it was a matter of “when, not if”. He added that the UK was lucky to have avoided a category one attack – one “that might cripple infrastructure” – when it had already impacted other western nations.

How can I protect my data?

Some of the best defence methods are to have strong security measures, such as updating anti-virus software and passwords that are difficult to crack.