Garda operation targets gang behind HSE cyber attack

Garda Operation Targets Gang Behind Hse Cyber Attack
The “Information Command”, which would number up to 300 personnel, would be part of the Defence Forces and under the command of a general. Photo: PA
Share this article

By Dominic McGrath, PA

Gardai have carried out a major operation targeting the gang behind the ransomware attack on the Health Service Executive (HSE).

A spokesman said on Sunday: “A significant disruption operation which targeted the IT infrastructure of a cyber crime group has been conducted by the Garda National Cyber Crime Bureau (GNCCB).


“The Garda National Cyber Crime Bureau have seized several domains used in this and other ransomware attacks.”

The ransomware attack on the HSE, which occurred in May, caused major disruption to the health service.

HSE chief Paul Reid said in June that it had had a “devastating impact” and cost the health service millions of euros.



On Sunday, the Garda spokesman said the seizure of the websites had “directly prevented” other ransomware attacks across the world.


A so-called “splash screen” has been used on the web domains by gardai to warn any potential victims that it is likely that their system has been attacked by ransomware.

Gardaí are also working with other police agencies as part of the wider operation.

“A process has also commenced between the Garda Siochana and their law enforcement partners at Europol and Interpol to provide the details of the visiting URLs to the member countries to ensure that the infected systems are appropriately decontaminated,” the spokesman said.

Russian intelligence behind hundreds of ‘brute for...
Read More

He added that the operation will have a major impact on the cyber crime gang.


“To date a total of 753 attempts were made by ICT systems across the world to connect to the seized domains.

“In each instance, the seizure of these domains by the GNCCB investigation team is likely to have prevented a Conti ransomware attack on the connecting ICT system, by rendering the initially deployed malware on the victim’s system as ineffective.”

Read More

Message submitting... Thank you for waiting.

Want us to email you top stories each lunch time?

Download our Apps
© 2023, developed by Square1 and powered by