High Court serves HSE hackers injunction to block data leak

Ransomware
Image: IDGNS

Experts working on verifying decryption key supplied by Conti group

Print

PrintPrint
Pro

Read More:

21 May 2021 | 0

The Irish High Court has issued an injunction against the hackers responsible for last week’s cyber attack on Ireland’s national health and social services provider, the Health Service Executive (HSE).

Responsibility for the attack has now been attributed to the Conti hacking group, which had signed off on the ransomware notes as the ‘Contilocker gang’, demanding a payment of $19,999,000. The government has so far refused to pay the ransom demand.

The Conti hacking group, which was previously blamed for an attack against the Scottish Environment Protection Agency (SEPA) on Christmas Eve, provided the HSE with a free decryption tool earlier this week, adding that “it will sell or publish a lot of private data if [the HSE] will not connect us [sic] and try to resolve the situation”.

 

advertisement



 

This prompted the HSE to apply for an injunction against the hacking collective, with the Irish High Court ordering the hackers to cease sharing the stolen data, giving them 42 days to identify themselves and enter an appearance to the proceedings, according to the Irish Times.

The legal document aims to prevent the group from selling, processing, publishing, or sharing the stolen HSE data, which includes private medical information related to HSE patients, as well as payroll and HR data of its employees.

However, with no postal or email address attributed to the off-the-radar cyber criminals, the injunction had to be posted onto a website on the Dark Web thought to be associated with the hacking group.

Although it’s an uncommon practice, securing a court injunction against anonymous hackers has precedent, most notably in the case of a cyber attack against London-based shipping company Clarkson in 2017, as well as a second case involving a company who opted to remain anonymous, referred to in court documents by the acronym PLM in 2018.

On Thursday, the HSE released a statement detailing the impact of the ransomware attack, saying that it had had “a significant impact on hospital appointments”, with continued “major disruptions”.

“Slow but steady progress is being made in assessing the impact and beginning to restore HSE IT systems. This work will take many weeks and we anticipate major disruption will continue due to the shutdown of our IT systems,” the Irish health service provider added.

Dennis Publishing News Service


Professional Development for IT professionals

The mission of the Irish Computer Society is to advance, promote and represent the interests of ICT professionals in Ireland. Membership of the ICS typically reduces courses by 20%. Find out more


Read More:



Comments are closed.

Back to Top ↑