The Government don’t care they are paying out of our money, maybe they personally got a cut of the €20 million, supposing the hackers demanded €10 million and the Government been as corrupt as we know they are said why don’t you make it €20 million and we can devide it up between us all?
THE HSE DATA HACK AND A SMALL MATTER OF THE TRUTH.
It is entirely understandable that any organisation or government department will not want to air their dirty laundry in a public arena, however, when it comes to the use of taxpayers money perhaps honesty is the best policy otherwise the situation gathers unnecessary energy down the line.
We are all acutely aware of the situation regarding the HSE having its whole IT system taken hostage by a group of hackers called ‘Wizard Spider’ who are a loose group of criminal programmers and hackers based in Western Russia, Ukraine as well as other parts of what was previously known as the Eastern Bloc. It is understood that these hackers had demanded $20 million in cryptocurrency to release a key to decrypt the data.
As was originally claimed by the Irish Government, the Russian Cyber Services were blamed for the hack and ransomware demand, however we now know that to be untrue. These individuals have absolutely no connection to the Russian government whatsoever as the Kremlin had offered the use of their own services to the Irish government in order to catch the hackers.
The Irish government declined the offer. The reason behind the offer was to simply stop the blame always being put on the Russians for hacking into other state IT systems. The Russian Cyber Services do not hack the health services of a friendly European country particularly in peacetime, it is as simple as that. WIZARD SPIDER – MODERN DAY PIRATES Hackers like Wizard Spider are modern-day IT pirates and do not do charity, nor do they have a conscience.
For any government or departmental official to say that an decryption key was ‘gifted’ by the hackers, only for someone in the fight to rebuild the entire HSE IT systems to “find it” is beyond the realms of truth. This suggestion by the government is trying have us believe that the hackers simply changed their minds or proffered an act of charity, a change of heart or suddenly developed a guilty conscience.
THE RANSOM WAS PAID TO THE HACKERS
This journalist can now reveal that the HSE did in fact pay the ransomware demand to Wizard Spider in the sum of $20 million through a third-party intermediary. It is not known if the payment was made using Bitcoin, however it is more likely that the payment was made using ‘Monero’ which is untraceable, unlike Bitcoin. Monero is a cryptocurrency that is used by criminal gangs throughout the world for moving funds as it fully protects the sender’s and receiver’s identity using an ‘obfuscated public ledger’ meaning that no one on the outside can see the transactions.
MICROSOFT Sources also indicated that Microsoft were being paid millions of Euro every year by the HSE to keep Windows 7 updated. Windows 7 support came to an end in January 2020, however, the HSE continued to use it as the basis for all of its IT systems rather than upgrade to Windows 10 on a gradual basis for sensitive data such as patient records.
QUESTIONS THAT NEED TO BE ANSWERED BY ALL INTERESTED PARTIES
There are some very serious questions to be asked of government, the Department of Health, the Department of Finance and the HSE.
- Who sanctioned the $20 million dollar transaction in the Irish government, the Department of Health, the Department of Finance and or the HSE or all four jointly?
2) Why did the Minister for Health, Stephen Donnelly and the Taoiseach fail to tell the truth of the matter and say that it had to be done because the entire HSE IT system was completely wiped out and they had no other choice but to pay the ransom?
3) The statement made by Taoiseach Micheál Martin on the 21st of May said, “that significant resources were, and would be spent by the State to ensure no recurrence of the serious breach of HSE data.” He also stated “ that no money had changed hands with the Russian-speaking criminals behind the attack nor would it. – However, he failed to say that the ransom had already been paid at that point! Further to that when asked why the decryption key had been offered to the State, Mr Martin said it ‘had not come via diplomatic channels and that the security personnel don’t know the exact reason the key was offered back.”
We now know the last statement to be entirely untrue, and that the Taoiseach was aware that the ransom was already in transit to the hackers and, in all likelihood had to sanction the payment along with the Finance Minister Pascal Donoghue and the Health Minister Stephen Donnelly.
4) Who were the third-party involved who acted for the exchange of money for the code to decrypt the data and how much were they paid for their intermediary services? Was a legal firm or one of the bigger accounting firms normally used by the State engaged to be that intermediary?
5) Which departmental budget did the payment emanate from?
6). If the ransom had not been paid and considering the hackers did not have charitable status, then why did a ‘very small sample of patient records’ appear on the dark web and NOT the entire contents of the IT system?
7) Why did the government not take up the offer of Russian State help in catching the cybercriminals when offered?
BIT LATE TO BOLT THE GATE
While it is a bit late to bolt the gate in terms of what has happened, the HSE are still left with no choice but to continue to use Windows 7 and older operating systems such as Windows XP. This still leaves a glaring hole in the security of the systems and leaves them vulnerable to more hacking attempts. The task ahead for any IT teams to rebuild the full HSE IT system is onerous and will cost many millions more than the original payment to the hackers and shows how much little attention was paid to a major and much needed IT system that millions of people depend on.
WHOSE HEAD IS FOR THE GUILLOTINE?
At this point nobody’s. The blame game will begin and the mudslinging in defence of the decision to pay the ransom will begin in the Dail, and sooner rather than later the story and mudslinging will disappear into media oblivion as does every other scandal perpetrated by government’s present and past. But for now, it might have been easier to tell the truth about the payment rather than use excuses that will only turn the public opinion against you. In this case you actually might have gotten public support for your actions.
None of this hacking scenario was out of the blue as the Department of Health was also the subject of a hacking attempt previously. To emphasise the point, the American Colonial Pipeline was hit by a similar group of hackers but immediately paid the ransom. The pipeline company used some of the finest IT cyber security companies available to them, but still had to pay the ransom because without the decryption key it would take years and hundreds of millions of dollars to rebuild the systems from scratch, never mind the catastrophic loss of data.
Fred is allowed ramble and to engage in conjecture about coincidences:- R number: Do you believe in coincidences? We know COVID-19 needs to have its R number below 1 otherwise we have a spread of disease that becomes exponential and out of control based on global dimensions.
Then we have the R initial and Russia with the suggestion that somehow Russian hackers who have used the opportunity of our vulnerability and non focus to maintaining our cyber security system of our health system up to date. We have been seriously hacked and the country that comes to mind who may have been tempted by our ineptitude is Russia. It is only conjecture of course.
Then add another coincidence. A Ryanair (Michael O’Leary man of great ego and renown in Ireland) his plane is targetted and directed back to Minsk (guided by a special supposedly Russian fighter plane) in Belarus so that they can arrest a 25 year old journalist, his girlfriend, and accompany them with KGB off the flight. These two abducted/Pirated people appear to have been “disappeared” while the world looks on. Belarus is the only truly authoritarian country within the EU. Sanctions have been used to curb President Luskashenko’s lust for power
Please where are these young people?
Three coincidences or are they?
Is there any good reason you may ask me? What comes to mind is an article written in the Sunday Times, August 23rd, 2020. The title was “Russian Expansionism in Rathgar”. “Russian Spooks are put on hold”. It goes on to say. “Block on Dublin embassy expansion won’t stop spies operating there: intelligence officers will merely find another way. Article written by John Mooney