Conti Ransomware Attack on Ireland's Healthcare Sector Expected to Cost More Than $100 Million

Conti Ransomware Attack on Ireland’s Healthcare Sector Expected to Cost More Than $100 Million

According to an Irish news outlet report, the country’s healthcare sector would have to pay more than $48 million to recover from last year’s massive ransomware attack by the Conti gang. A document obtained by RTÉ revealed that the cost of the ransomware assault includes $14.2 million for ICT infrastructure, $6.1 million for outside cybersecurity help, $17.1 million for vendor support, and $9.4 million for Office 365.

The letter was sent to Peadar Tóibn, the head of the Aont party, and Thompson stated that the total cost is expected to exceed $100 million. The expenses of implementing the suggestions made in the thorough PWC study on the attack are not included in the $100 million figure. In May 2021, Conti launched an attack on Ireland’s Health Service Executive, creating weeks of chaos in the country’s hospitals. The nation declined to pay the ransom of $20 million.

Hundreds of outpatient treatments were canceled, a vaccination site for Covid-19 was stopped off, and the government spent weeks attempting to get its healthcare IT system back up, according to RTÉ and the BBC. The Journal disclosed that 85,000 machines were shut off once the hack was discovered, and cybersecurity professionals combed through all 2,000 different IT systems one by one.

It was described as a “very serious attack” by Irish Foreign Minister Simon Coveney and as “possibly the most significant cybercrime attack on the Irish State” by Irish Minister of State Ossian Smyth.

According to a government statement, emergency services were maintained, but many radiological appointments were canceled. There were delays in the reporting of COVID-19 test results, as well as the issuance of birth, death, and marriage certificates. The Journal revealed that the attack disrupted pediatric services, maternity services, and outpatient visits at certain hospitals.

The UL Hospitals Group, Dublin’s Rotunda Hospital, The National Maternity Hospital, St Columcille’s Hospital, and Children’s Health Ireland (CHI) at Crumlin Hospital all experienced varied levels of IT outages. Stephen Donnelly, the Health Minister, said that the attack knocked off the HSE payment system. Full payment was a problem for the 146,000 persons employed in the healthcare profession.

Ransomware researchers said that while the statistics appear prominent, ransomware recovery is a challenging procedure. According to Emsisoft threat researcher Brett Callow, recovery costs may be high, as Scripps Health’s scenario illustrates. 

“After a ransomware attack in May 2021, Scripps Health estimated its losses for Q3 of that year to be $112.7 million. It should be noted that some costs associated with incidents are effectively catch-up spending as organizations address whatever weaknesses enabled the attack to succeed,” Callow said.

About the author

CIM Team

CIM Team

CyberIntelMag is the trusted authority in cybersecurity, comprised of leading industry experts for over 20 years, dedicated to serving cybersecurity professionals. Our goal is to provide a one-stop shop for knowledge and insight needed to navigate throughout today’s emerging cybersecurity landscape through in-depth coverage of breaking news, tutorials, product reviews, videos and industry influencers.