GENERAL MEDICINE

Computer era is wonderful until it all goes wrong

The recent cyberattack on the HSE has demonstrated that for all its advantages, when things go wrong with computer technology, they can go very wrong

Dr Stephen McWilliams, Consultant Psychiatrist, Saint John of God Hospital, Stillorgan

July 14, 2021

Article
Similar articles
  • Computers have been essential for longer than you might think. Readers familiar with the film The Imitation Game (2014) starring Benedict Cumberbatch will know that Alan Turing was one of the most influential code breakers of World War II and the progenitor of modern computing. A talented British mathematician, Turing is credited with inventing a programmable machine at Bletchley Park capable of deciphering Nazi Germany’s Enigma. By doing so, enemy operations were intercepted, allowing the building of Allied military strength culminating the D-Day landings in Normandy in 1944. Sadly, Turing’s work, regarded as top secret, went unacknowledged for years while he was instead convicted under Victorian homosexuality laws and forced to endure chemical castration. He died of cyanide poisoning in 1954, aged just 41. Only in 2013 did Queen Elizabeth II grant Turing a royal pardon.

    But Turing’s work heralded an era. Every aspect of modern life relies on computers, which is wonderful until it all goes wrong. The HSE Conti ransomware attack of May 14, 2021 is a case in point, thought to be the work of a Russian gang known as Wizard Spider, who are based in Saint Petersburg. According to news reports, a lone HSE worker inadvertently clicked a link when their computer stopped working. They received a message that some 700 gigabytes of patient data had been accessed and encrypted, with examples of the stolen data offered as proof, followed by a demand for almost €15 million. Failure to pay would result in the data remaining encrypted, while the hackers also threatened to sell the data on the dark web to the highest bidder. 

    According to the FBI (speaking to the BBC on May 21, 2021), Conti ransomware has been used to target some 400 organisations worldwide, around 290 of which are based in the US. At least 16 such attacks have targeted healthcare and first-responder networks, as we have seen with the HSE. This, as we know, has led to severe curtailment of our public health services due to the necessary shutting down of all IT systems. Severely limited access to electronic patient records, radiology and other diagnostics, chemotherapy – even telephones – has meant instant regression to the modus operandi of the 1980s. Particularly hard hit have been the children’s hospitals. And all this is at a time when most HSE workers are already exhausted by nearly 18 months of the Covid-19 pandemic.

    As IT specialists work day and night to preserve, repair and rebuild the HSE’s systems, one wonders why the hackers made available a free decryption key. Did they suddenly grow a conscience? Did they come under pressure from law enforcement or other hackers in Russia? Or did they simply give up in the face of a clear declaration by the government that no ransom will be paid under any circumstances? As patients worry about the potential publishing of confidential patient records, it is noteworthy that the HSE secured High Court injunctions (May 20, 2021) preventing any sharing, processing, selling or publishing of the stolen data. The practical effect of this, according to Mr Justice Kevin Cross, is that authorities in the country concerned might assist us in apprehending the perpetrators. 

    So, how will public sector organisations such as the HSE prevent these attacks from happening again? Given the well-honed skills and brazen nature of the hackers, this is a difficult question to answer. We live in a brave new world where our data is a valuable commodity. Yet computers remain essential, so cyber-security clearly needs more of our taxpayer money. And gratitude for the diligence of our IT workers.

    © Medmedia Publications/Hospital Doctor of Ireland 2021