No ransomware attacks during Covid-19 to date – HSE

The HSE or HSE-funded bodies have not been subject to any ransomware attacks during the Covid-19 pandemic to date, a spokesperson has confirmed.

However, the Executive has “elevated, in conjunction with its partners, the level of attention given to its existing premium security systems during this period”. Perimeter security has been “enhanced with additional capacity”.
In recent months, agencies such as Interpol have warned that healthcare organisations globally are vulnerable to ransomware attacks amid Covid-19.

According to the HSE’s spokesperson, it has controls in place to protect its communications platforms, including flagging of outbound and inbound external mails and anti-spam controls, etc.

“The HSE issued targeted communications to staff with respect to potential criminal exploits during Covid-19. This was done in conjunction with standard cyber security communications to ensure heightened awareness during the critical period.”

Asked what measures had been taken to ensure remote working is IT-secure, the spokesperson said the HSE used “best in class” products to provide access to systems for remote working. “All laptops deployed to support remote working users are fully encrypted in accordance with all prevailing HSE security standards.”

Meanwhile, the HSE confirmed it had negotiated an “extended warranty deal” with Microsoft to cover its Windows 7 estate at a cost of €1.1 million.
Earlier this year, it was reported that the HSE had not updated its Windows version in time to avoid paying for emergency protection from Microsoft.