#Open journalism No news is bad news

Your contributions will help us continue to deliver the stories that are important to you

Support The Journal
Dublin: 10°C Tuesday 26 October 2021
Advertisement

Garda operation targets gang behind HSE cyber attack

A garda spokesman said the operation had “directly prevented” other ransomware attacks across the world.

File photo of a virus on a computer
File photo of a virus on a computer
Image: PA Images

GARDAÍ HAVE CARRIED out a major operation targeting the gang behind the ransomware attack on the Health Service Executive (HSE).

A spokesman said on Sunday: “A significant disruption operation which targeted the IT infrastructure of a cyber crime group has been conducted by the Garda National Cyber Crime Bureau (GNCCB).

“The Garda National Cyber Crime Bureau have seized several domains used in this and other ransomware attacks.”

The ransomware attack on the HSE, which occurred in May, caused major disruption to the Irish health service.

HSE chief Paul Reid said in June that it had had a “devastating impact” and cost the health service millions of euros.

Today, the garda spokesman said the seizure of the websites had “directly prevented” other ransomware attacks across the world.

A so-called “splash screen” has been used on the web domains by gardaí to warn any potential victims that it is likely that their system has been attacked by ransomware.

Gardaí are also working with other police agencies as part of the wider operation.

“A process has also commenced between the Garda Siochana and their law enforcement partners at Europol and Interpol to provide the details of the visiting URLs to the member countries to ensure that the infected systems are appropriately decontaminated,” the spokesman said.

He added that the operation will have a major impact on the cyber crime gang.

#Open journalism No news is bad news Support The Journal

Your contributions will help us continue to deliver the stories that are important to you

Support us now

“To date a total of 753 attempts were made by ICT systems across the world to connect to the seized domains.

“In each instance, the seizure of these domains by the GNCCB investigation team is likely to have prevented a Conti ransomware attack on the connecting ICT system, by rendering the initially deployed malware on the victim’s system as ineffective.”

About the author:

Press Association

Read next:

COMMENTS (27)

This is YOUR comments community. Stay civil, stay constructive, stay on topic. Please familiarise yourself with our comments policy here before taking part.
write a comment

    Leave a commentcancel