New Microsoft deal drafted to protect all public sector data after cyberattack devastated HSE in 2021
The government will roll out a national state-of-the-art cybersecurity defense system almost two years after the devastating attack on HSE.
Officials working for Deputy eGovernment Minister Ossian Smyth have negotiated what has been described as a “groundbreaking deal” with Microsoft to protect computer systems for the entire public sector.
A major ransomware attack from St. Petersburg in May 2021 resulted in the shutdown of all HSE computer systems and caused the state a loss of at least 100 million euros.
Although no ransom was paid and all systems were restored, patient records and data were kept by the hackers and some limited information has surfaced on the dark web.
Following the cyber attack on the HSE, then Chief Executive Paul Reid wrote to then Secretary of State for Public Expenditure and Reform Michael McGrath, suggesting that an investment of €100m was needed to upgrade the systems. The bulk of that money would go to Microsoft, the developers of the systems and software involved.
The attackers gained access to the HSE network by persuading an employee to click on a Microsoft Excel spreadsheet that contained a vulnerability, which the attackers then exploited. Once the attackers broke into the first machine, they were able to move across the entire HSE network relatively quickly. On May 14, 2021, virtually the entire network was shut down with almost all Microsoft servers infected.
The attackers demanded a ransom of $20 million, payable in bitcoin. Microsoft was looking for “much more than that” for the future security of public computer systems, the Irish Independent understands from sources.
For comparison: The total HSE budget for IT systems in 2020 was 100 million euros and was doubled to 200 million euros before the attack.
Now Mr. Smyth, Green Party TD for Dún Laoghaire, has entered into a national rebate deal with Microsoft.
“This is a landmark deal. For the first time, Microsoft will treat the Irish Government as a single customer,” said Mr. Smyth.
“Over the past year, the Ministry of Public Expenditure and Reform has negotiated a discount on previous rates. That saves the taxpayer 8 to 10 million euros.
“These reduced rates will be available across the public sector.”
Mr. Smyth sought a meeting with Microsoft after the cyberattack, during which he asked Microsoft why it had separate small agreements with each government department and public sector agency.
The company was asked why there wasn’t a bulk deal of the kind any large private sector company would have made.
“I knew the UK had negotiated such an agreement a few years ago,” Mr Smyth said.
He confirmed that an agreement had been reached with Microsoft to protect the entire public service at a reduced rate, the details of which he did not want to disclose.
“This deal will improve cybersecurity by moving government data to the cloud,” he said.
One official said: “It’s challenging to do a deal like this because there is no real alternative for many Microsoft products. They have a virtual monopoly in many areas.”
Although the May 2021 HSE attack was devastating, some healthcare systems survived unscathed.
This included vaccination planning, contact tracing and Covid testing.
What these systems had in common was that they were all in the cloud and not operated from server machines on HSE premises.
They were protected in data centers by companies like Amazon, which turned out to be more secure than keeping the data in a computer or server room in an HSE hospital.
The lesson was that the cloud was safer, and the government asked Microsoft to provide online cloud versions of its software instead of installing it on laptops and PCs.
https://www.independent.ie/irish-news/politics/new-microsoft-deal-hammered-out-to-protect-all-public-sector-data-after-cyber-attack-devastated-hse-in-2021-42277252.html