A major cyberattack on the HSE, causing months of system disruption, could have been prevented, said the head of the state’s cybersecurity center.
r Richard Browne of the National Cyber Security Center told the Dáil transport committee that the cyber attackers were based in Russia and had infiltrated HSE systems through an employee’s laptop.
However, he said the attackers’ movement across the systems should have been intercepted sooner.
“This is an extremely serious example of what can go wrong in ransomware incidents.
“It was, of course, and it is almost always the case, that it could have been prevented,” said Dr. Browne to TDs and Senators.
He said it was now resolved and explained how the entire HSE system was attacked via an employee’s laptop, which was compromised seven weeks before the attack.
Eight days before the attack, the hackers were then able to gain access and “explore” the HSE network.
“They started by extracting a relatively limited amount of data from the HSE network over a number of different connections, not just the laptop,
“Initial access was through a single device,” he said.
“What should have been caught was the migration of the actor across the entire network.”
Committee Chair Fine Gael TD Kieran O’Donnell said the entire HSE system was compromised by a single laptop.
He said the HSE has since taken “significant steps” to improve safety.
dr Browne also told the committee how high the “threat of cyber espionage” was.
However, he said that there is currently no evidence that anyone intends to launch a cyber attack on the state and that the state would be able to defend itself in such a scenario.
However, he acknowledged that the war in Ukraine posed a higher threat of cyberattack.
The Cyber Security Center currently employs about 70 people, but Dr. Browne said he hopes to increase that number “significantly”.
https://www.independent.ie/news/hse-cyber-attack-could-have-been-prevented-tds-and-senators-told-41504487.html HSE cyberattack could have been prevented, TDs and senators said