Sinn Féin spokesperson on Health David Cullinane TD has said that the cyberattacks on the Department of Health and the HSE make it imperative that the IT modernisation programme is stepped up and completed rapidly.
He also said it prompts questions on the robustness of the State’s cybersecurity and called for a full audit and review of the State’s cyberdefences.
Teachta Cullinane said:
“Modernisation of our healthcare infrastructure – in the HSE and the Department of Health – is imperative following these attacks.
“Our health IT infrastructure has not been fit for purpose for over a decade, and I cannot see how outdated systems would not play a role in weakening our defences.
“Most of the Department of Health and HSE’s computers run on an operating system which is no longer supported, from a security perspective, by its developer.
“Integral radiology equipment runs on software so old that the HSE has not upgraded its operating systems.
“Stroke, cancer, diagnostics, radiology, and other vital services have been suspended or are operating at reduced capacity as a result of these attacks.
“It is now said that the attackers were inside the Department of Health and HSE’s systems for weeks before the attack, yet this was not detected.
“Old computers, equipment running on outdated software, and the lack of integrated health systems surely make the job of cyberdefence far more difficult and costly.
“It will now cost tens of millions, according to the HSE, to restore systems. The Government has dragged its heels on financing IT modernisation and now it is paying the price.
“The use of antiquated systems in health must stop – they are bad for patients and bad for security. It is not a victimless crime. This attack will make patients wait longer for diagnostics or treatment and cause waiting lists to grow longer.
“The Government should conduct a root and branch audit and review of the health system’s cyberdefences and IT systems to ensure best practice, and this should be widened to include other State bodies and agencies.
“Sinn Féin has been calling for enhanced investment in the health service’s IT for years.
“To develop robust cyberdefences and to deliver the catch-up care for patients on waiting lists, a fully funded and rapid programme of IT modernisation is needed.
“There are serious questions in relation to preparedness, what investments were made by the Department and HSE in cybersecurity, why they are still running on unfit for purpose IT infrastructure with tens of thousands of computers working off a system which is obsolete, and how this impacted on defences.
“We need to know how this happened, what the source of it was, how the systems were impacted, and how it can be prevented from happening again.
“If we do not make the investments, we will not stay ahead of cyber-criminals and we will be ill-prepared when this happens again.
“Clarity is needed from the HSE on the timeline for re-opening of services, and Government needs to ensure that any additional supports or protections which need to be put in place are resourced.”