#Open journalism No news is bad news

Your contributions will help us continue to deliver the stories that are important to you

Support The Journal
Dublin: 15°C Monday 2 August 2021

Initial results 'positive' in testing decryption tool to unlock data, Health Minister says

A decryption key was made available yesterday but Donnelly said “no ransom has been paid”.

File image of Health Minister Stephen Donnelly.
File image of Health Minister Stephen Donnelly.
Image: Rollingnews.ie

THE HEALTH MINISTER has described as “positive” the initial results from testing the validity of a decryption key that may help the HSE to unlock its IT systems.

The government said yesterday that the tool was made available online. A “detailed technical process” then began to ensure that the key is genuine and will not cause any further damage to the HSE systems.

The HSE shut down its IT systems last Friday after it became aware of a significant ransomware attack.

Stephen Donnelly said security contractors are “testing the validity of the key” at the moment. 

“The initial results are positive, but obviously it’s a detailed, technical piece of work,” the Health Minister told RTÉ radio’s Morning Ireland. 

And we need to be absolutely sure that this will help restore the health systems, rather than potentially cause further harm. So work is ongoing on that at the moment.

The minister said it’s “unclear” why this decryption tool was made available. 

“It came as a surprise. We became aware yesterday afternoon that the key was being made available on a site which is linked to this criminal gang.

“Our technical group obviously then obtained that key, and are currently testing it.”

The Journal reported yesterday that the ransomware attack started when a single computer stopped working, causing its user to reach out for help by clicking on a link.

Donnelly said “no ransom has been paid by this government directly, indirectly, through any third-party or in any other way, nor will any such ransom be paid”. 

Reports said the hackers have threatened to release the data if a ransom is not paid by next Monday, a threat Donnelly said is being taken “very seriously”. 

“There obviously have been redacted pieces of information put up on the dark web to this point. Because it’s an ongoing criminal investigation, we can’t confirm whether the records are genuine.

#Open journalism No news is bad news Support The Journal

Your contributions will help us continue to deliver the stories that are important to you

Support us now

“However, as people will be aware. It is entirely possible and this sort of approach is quite standard procedure in these kinds of attacks.”


Yesterday, the HSE acquired a court injunction that requires anyone who is possessing HSE data to hand it over and not disclose, trade or deal in the information.

Donnelly defended the injunction, saying officials received a “very positive and strong” result from the judge. 

“I don’t imagine that a criminal gang capable of doing what they did to our healthcare system and to patients in our country are going to be too worried about a court order, however it is relevant and very applicable to people here who may seek to share that information themselves, potentially just out of interest or for their own reasons,” he said. 

Donnelly added that there is “good progress being made” in restoring some health systems across services for radiology, local labs and patient administration. 

Read next:


This is YOUR comments community. Stay civil, stay constructive, stay on topic. Please familiarise yourself with our comments policy here before taking part.
write a comment

    Leave a commentcancel