Russian cyber terrorists are the main suspects for a ransomware attack on a huge maternity hospital, the Mirror learned last night.
Specialist gardai were called in to probe the “very significant” hack attack on the Coombe Hospital in Dublin.
And the Mirror can reveal that NUI Galway was targeted again in the past fortnight in what gardai say was a “massive attack”.
Staff at the Coombe were told to log off their computers immediately and the HSE ordered its system be disconnected from the National Health Network.
Gardai from the National Cybercrime Bureau working alongside the National Cyber Security Centre are assisting and investigating the incident.
Senior HSE official Dr Anne O’Connor said they were “very concerned” and “hoped” it was not a national problem they were dealing with again.
The Mirror learned last night (THURS) that a highly sophisticated organised criminal group (OCG) of hackers linked to Russia are the main suspects for the two latest attacks.
A senior source said: “Luckily the Coombe IT computer systems held. The university got hit in a serious attack.
“These cyber criminals are testing systems again to see if they can get in like they did before.”
Elite garda detectives probing the attacks believe the gangsters are operating out of eastern Europe in countries like Lithuania and Ukraine, where Russian has influence.
The source added: “These are serious cyber criminals. These are very significant attacks. They are OCG groups under the influence of a state - that state we believe is Russia.”
NUIG was also hit in an attempted cyber attack in September and had to disconnect its systems from the internet.
In a statement the HSE said: “At this point we have not seen evidence of an impact external to the Coombe Hospital but we are continuing, with external support, to assess whether there is any broader impact.”
Minister of State with responsibility for IT systems, Ossian Smyth said: “We don’t know if there has been any data breach so far - whether there are any data protection issues involved.
“In the previous attack on the HSE there was a ransomware note on every machine compromised.”
The Coombe’s services resumed as normal yesterday, it confirmed.
And it said: “We have locked down all our IT systems on a precautionary basis and are working closely with the HSE to resolve this matter.”
In May, there was a ransomware attack on the HSE in May which caused major disruption.
HSE chief Paul Reid said in June the assault had a “devastating impact” and cost the service tens of millions.
T o get the latest breaking news straight to your inbox, sign up for our free newsletter.
