Ireland's health service shut down all of its IT systems on Friday to protect against a sophisticated ransomware attack that has been described as the most significant cybercrime attempt against the Irish state.
The Health Service Executive (HSE) shut down its IT systems at a local and national level to protect the digital records of millions of patients and it could take "some days" before the IT systems return to normal.
Ransomware attacks involve infecting computers with malicious software, leaving users locked out of their systems until a ransom is paid to restore computer functions.
Both the HSE and Taoiseach Micheál Martin have confirmed that a Bitcoin ransom has been demanded by the cybercriminals who hacked the HSE system. Both, however, have categorically refused to pay the ransom in line with state policy.
"At this stage, we are dealing with this in accordance with the advice we’ve received from cybersecurity experts and I think we’re very clear we will not be paying any ransom," Martin said on Friday.
Meanwhile, the HSE's Chief Information Officer Fran Thomson told the Irish Independent that it's " government policy that we don’t pay ransoms".
The HSE said that the main attack began at around 4:30 a.m. on Friday and that IT staff switched off systems as a precaution to protect data and fully assess the situation.
HSE Chief Operations Officer Anne O'Connor said that the attack was a "zero-day threat", which meant that there was no previous experience of how to respond.
The attack has caused significant delays and disruptions for some sectors of Ireland's health service.
Many hospitals switched from electronic paperwork to manual paperwork, causing widespread delays and slowdowns.
For example, Dublin's Rotunda Hospital canceled outpatient visits unless a patient is more than 36 weeks pregnant. It said that all gynecology clinics were also canceled but encouraged patients to visit the hospital if they have urgent concerns.
The National Maternity Hospital also observed "significant disruption" to its services on Friday, while Children's Health Ireland at Crumlin Hospital advised of delays and canceled most online and virtual appointments.
St. James' Hospital in Dublin has canceled all outpatient appointments and all non-emergency radiation treatment for Monday, May 17 in response to the cyberattack.
Tallaght University Hospital additionally canceled all routine radiology outpatient appointments on Friday.
"If this continues into Monday we will be in a very serious situation and we will have to cancel more appointments," O'Connor told RTÉ.
Meanwhile, Professor Seamus O'Reilly, an oncologist at Cork University Hospital, said that all of the hospital's computer services had been switched off on Friday in response to the hack. He said that cancer care was time-dependent on technology and that the hospital was anxious to continue with treatment.
O'Reilly said that the delays caused distress for patients who were waiting for test results.
"Our main concern is patient safety and results that might be outstanding, laboratory data that needs to be available to manage patient care today. It's very distressing for patients," O'Reilly told RTÉ on Friday.
The HSE was also forced to shut down its referral system for COVID-19 tests on Friday and urged people to visit a walk-in test center if they had any symptoms of the virus. Tests that were scheduled for Friday went ahead, the HSE said.
There were also delays to COVID-19 results and Ireland's contact tracing services on Friday.
However, the HSE said on Friday night that COVID-19 results and contact tracings had returned to normal.
Ireland's COVID-19 vaccination system was not affected by the hack and appointments are going ahead as scheduled, although the registration portal was briefly shut down until around 5:30 p.m. on Friday.
The National Ambulance Service is operating as normal, but a system for radiological imaging used in many Irish hospitals has been impacted by the attack.
HSE Chief Executive Paul Reid said that officials were working with An Garda Síochána and third-party cybersecurity experts to respond to the attack.
Minister of State for Communications Ossian Smyth described the attack as "possibly the most significant cybercrime attack on the Irish state" and said that it "goes right to the core of the [health] system".
Cork University Hospital's Seamus O'Reilly said that the attack highlighted how badly Irish hospitals relied on IT and said that the attack showcased the need for secure firewalls.