• Office Hours : 08:00 - 17:30

Irish High Court serves HSE hackers an injunction to block data leak

The Irish High Court has issued an injunction against the hackers responsible for last week’s cyber attack on Ireland’s national health and social services provider, the Health Service Executive (HSE).

Responsibility for the attack has been attributed to the Conti hacking group, which had signed off on the ransomware notes as the “Contilocker gang”, demanding a payment of $19,999,000 (over £13 million). The Irish government has so far refused to pay the ransom demand.

The Conti hacking group, which was previously blamed for an attack against the Scottish Environment Protection Agency (SEPA) on Christmas Eve, provided the HSE with a free decryption tool earlier this week, adding that “it will sell or publish a lot of private data if [the HSE] will not connect us [sic] and try to resolve the situation”.

This prompted the HSE to apply for an injunction against the hacking collective, with the Irish High Court ordering the hackers to cease sharing the stolen data, giving them 42 days to identify themselves and enter an appearance to the proceedings, according to the Irish Times.

The legal document aims to prevent the group from selling, processing, publishing, or sharing the stolen HSE data, which includes private medical information related to HSE patients, as well as payroll and HR data of its employees.

Related Resource

Four ransomware resiliency challenges you can combat with confidence

The benefits of a multi-layered security solution

Windows of a high rise building - Four ransomware resiliency challenges you can combat with confidence - whitepaper from VeritasWindows of a high rise building - Four ransomware resiliency challenges you can combat with confidence - whitepaper from VeritasDownload now

However, with no postal or email address attributed to the off-the-radar cyber criminals, the injunction had to be posted onto a website on the dark web thought to be associated with the hacking group.

Although it’s an uncommon practice, securing a court injunction against anonymous hackers has precedent, most notably in the case of a cyber attack against London-based shipping company Clarkson PLC in 2017, as well as a second case involving a company who opted to remain anonymous, referred to in court documents by the acronym PLM in 2018.

On Thursday, the HSE released a statement detailing the impact of the ransomware attack, saying that it had had “a significant impact on hospital appointments”, with continued “major disruptions”.

“Slow but steady progress is being made in assessing the impact and beginning to restore HSE IT systems. This work will take many weeks and we anticipate major disruption will continue due to the shutdown of our IT systems,” the Irish health service provider added.

Featured Resources

The technology of trust

How to protect your most valuable commodity

Download now

Transforming business operations with AI, IoT data, and edge computing

A Pathfinder report on the ROI of AI, IoT, and edge computing

Download now

Building a data-driven enterprise of the future

Top five trends that will shape the future of organisational resiliency and effectiveness

Download now

The hot cloud storage guide to backup and recovery

What is cloud object storage, why is it on the rise, and what option should you choose?

Download now

See the original article here: ITPro