#Open journalism No news is bad news

Your contributions will help us continue to deliver the stories that are important to you

Support The Journal
Dublin: 22°C Friday 23 July 2021

HSE remains cut off from external networks as finger points to North Korea over cyber attack

Ireland has remained largely unaffected by the global cyber attack, which hit more than 200,000 victims.

Image: Yui Mok/PA

THE HSE REMAINS disconnected from external networks following a global cyber attack, with security experts warning North Korea could be to blame for the worldwide hacking.

In a statement yesterday, the HSE said it would remain disconnected from receiving external email for a further 48 hours “as a measure of additional protection”.

It said that by midday yesterday there had been three suspected cases of the most recent malware in the HSE, known as WannaCry. However, in each of these cases it was an older form of malware for which protection was available.

Ireland has remained largely unaffected by the global cyber attack, which hit more than 200,000 victims.  The attack struck banks, hospitals and government agencies in more than 150 countries, exploiting known vulnerabilities in old Microsoft operating systems.

To date, the only system affected in Ireland is a HSE-funded community care unit in Wexford which isn’t connected to the main HSE network.

Communications Minister Denis Naughten is set to brief Cabinet today on the fallout from the cyberattack.

North Korea

Globally, South Korean cybersecurity experts warned that more attacks could be in the pipeline, as fingers pointed at the North.

Since Friday, banks, hospitals and state agencies have been among the victims of hackers exploiting vulnerabilities in older versions of Microsoft computer operating systems and demanding payment in the virtual currency Bitcoin.

The code used in the latest attack shared many similarities with past hacks blamed on North Korea, including the targeting of Sony Pictures and the central bank of Bangladesh, said Simon Choi, director of Seoul internet security firm Hauri.

Choi, known to have vast troves of data on Pyongyang’s hacking activities, has publicly warned against potential ransomware attacks by the North since last year.

“I saw signs last year that the North was preparing ransomware attacks or even already beginning to do so, targeting some South Korean companies,” he told AFP.

He cited a major attack last year that stole the data of over 10 million users of Interpark, a Seoul-based online shopping site, in which hackers demanded bitcoin payments worth about $3 million.

Seoul police blamed the North’s main intelligence agency for the attack.

More attacks were possible, Choi said, “especially given that, unlike missile or nuclear tests, they can deny their involvement in attacks in cyberspace and get away with it”.

Security researchers in the US, Russia and Israel have also reported signs of a potential North Korean link to the latest cyber attack, although there is no conclusive evidence yet.

Google researcher Neel Mehta posted details showing similarities between the “WannaCry” malware and computer code used by the Lazarus hacking group, widely believed to be connected to Pyongyang.

The isolated, nuclear-armed state is known to operate an army of thousands of hackers operating in both the North, and apparently China, and has been blamed for a number of major cyber attacks.

With reporting from © – AFP 2017

Read: Tusla warns that child protection reports may not have been received over weekend

Read: Growing global cyberattack hits 200,000 victims so far and there’s more to come>

About the author:


Read next: