Hackers of HSE Demand $20 Million Ransom
After a detailed assessment, the HSE found perpetrators behind the cyberattack against them as the Conti ransomware group. The attack by threat actor yesterday led HSE to shut down its IT systems all over to contain the spread of their locking malware. This disrupted critical services like diagnostics and maternity care.
— HSE Ireland (@HSELive) May 14, 2021 A new lead on the incident revealed what the threat actor behind this, the Conti ransomware group has stolen, and their demand. As per BleepingComputer, a negotiation chat screenshot shared by a security researcher says the group is asking a ransom of $19,999,000 for the decryptor and erasing stolen data from their side. They claimed to have unencrypted HSE patient information, employee information, contracts, financial statements, payroll, etc. And usual, they’d leak these files for free if the victim (HSE here) doesn’t cooperate with them. And it’s most likely happening, as the Prime Minister of Ireland, Taoiseach Micheál Martin, said that they would not be paying any ransom. HSE earlier said they’re working on normalizing the situation with third-party cybersecurity experts and internal teams, as they have taken some services offline. Instead, they’re now carrying out the regular tasks in the offline mode like handwritten-based, which is slowing down the process.