The Irish High Court has issued an injunction to the Conti hacking group’s hackers (Contilocker Gang) to prevent data leak. Last week, the Irish Health Service was hit by a ransomware attack. Consequence to the attack, Ireland’s national health and social service provider, the Health Service Executive (HSE) was forced to shut down. The hacking group is demanding a payment of $19,999,000 (over £13 million).
Impact of the Attack
The attack has caused backlogs in emergency departments from Dublin to Galway. Patients have been advised to avoid hospitals unless they require immediate care as a result of the attack in Ireland.
Radiation treatments, MRIs, gynaecological visits, endoscopies, and other health services have all been cancelled in numerous Irish counties. According to health officials, the attack was also affecting delays in Covid-19 test results, though a vaccine appointment system was still operational.
According to Irish health officials, the HSE is building a new network apart from the one that has been damaged. Thousands of experts have been enlisted to help reconstruct 2,000 distinct systems. Paul Reid, chief executive of the H.S.E estimates that the project will cost tens of millions of euros.
The H.S.E. announced on Thursday that it had been given a key to decrypt the data being held for ransom, although it was uncertain if it would function. Micheál Martin, Ireland’s prime minister has announced that the government would give any ransom to the attackers.
According to the Irish Times, the HSE has sought an injunction to stop the attackers from leaking any data and give them 42 days to identify themselves and appear in court.
Of course, there was no postal or email address associated with the off-the-radar cyber thieves. Because of the anonymity, the injunction had to be put on a dark web domain assumed to be affiliated with the hacking organisation.
It’s a rare incidence of obtaining a court order against anonymous hackers. But it’s not first such case. It has been done earlier in case of a cyber-attack against a London-based shipping company Clarkson PLC in 2017, as well as a second case involving a company who opted to remain anonymous, referred to in court documents by the acronym PLM in 2018.
Do subscribe to our Telegram channel for more resources and discussions on technology law and news. To receive weekly updates, and a massive monthly roundup, don’t forget to subscribe to our Newsletter.