The Russian crime syndicate behind the devastating HSE attack is part of a sinister cyber world deadlier than the Kinahan drug cartel.
In the long run, the complete shutdown of the health service computer system by the Wizard Spider gang could lead to more deaths than those caused by the Kinahan-Hutch feud.
But while ordinary criminals are
regularly brought to justice, it is almost impossible to track down the ruthless hackers involved in this and other cyberattacks.
There is also concern that the cartel involved will operate, if not entirely with the blessing, but with the tacit approval of the Russian state.
Those responsible have been described as “the scum of the earth” for attacking an already struggling health service as it struggles to cope with a global pandemic.
The mystery now surrounds an encryption key, allegedly sent by the Russian gang, which may be able to unlock frozen HSA data, as Health Minister Stephen Donnelly said: “categorically no ransom has been given. paid by this government “.
The key – a sophisticated set of passwords – was scanned yesterday by the National Cyber Security Center and other experts to make sure it doesn’t contain any other malware that could cause even more damage.
But last night, hackers were still threatening to sell patient data if the HSE did not pay a ransom estimated at 16 million euros.
Intelligence agencies believe that the Wizard Spider gang is part of the world’s most advanced super cyber cartel.
This organization operates on an almost industrial scale and its agents are mainly based in Russia with subsidiaries in Ukraine.
Interpol believes it is made up of a number of Russian cyber cells who have come together to form what is today one of the largest and most ruthless rackets of extortion the world has ever seen. .
Due to their sophistication and digital prowess, they are able to hold entire nations in ransom.
A similar attack on a US pipeline in recent weeks has caused fuel shortages in many states.
There is growing concern that hackers will soon gain control of nuclear power plants or even atomic weapons systems because they have already penetrated Pentagon security.
The main members of Wizard Spider are believed to operate and reside in the St. Petersburg region, although they have a large network of contacts throughout the Russian Federation and abroad.
US and UK intelligence agencies believe that these criminal organizations are not only tolerated in their home countries, they may also be called upon to work for the Russian state.
This week, the Russian ambassador to Ireland said his country had offered to conduct a joint investigation into the HSE cyberattack.
While Yury Filatov may have sincerely wanted to help, there is no doubt that Russia has, at the very least, turned a blind eye to the cybercriminals operating in this country.
This is confirmed by the fact that the code they use in malware and ransomware is programmed to uninstall if it encounters Russian-speaking systems.
Want the latest news and entertainment delivered straight to you? Don’t miss a thing by signing up for our email updates here.
Every day, we’ll send you a roundup of the latest news, sports and entertainment in one place.
You can unsubscribe from this service at any time. And rest assured that your data will not be shared with any other party.
Although the attack on the HSE is seen as a purely lucrative operation, it is believed that those involved are themselves under pressure from other cybercriminals or even from the Russian state.
Although Wizard Spider has hacked into other healthcare establishments before, he has never before asked to ransom a nation’s healthcare service.
Smart Tech chief Ronan Murphy told RTE the hackers may have been pressured to hand over the encryption key.
He said: “In my opinion, if I had to make a calculated estimate on this, I think the Russian government put pressure on them.
“I believe it’s coming to a point where it’s getting such massive global coverage, the fact that we’re in the midst of a global pandemic and the fact that all of a nation’s health service has been dismantled.
“And there are generally warm relations between Ireland and Russia. I think this is problematic. I think word got out about the powers they need to throw us a bone.
But he fears that the cartel will continue its threat to dump HSE patient data or that they will lose face and be seen as “the dog with no teeth.”
Another security expert believes that hackers may also have come under pressure from other cybercriminals.
Cyber Risk International chief Paul C Dwyer told RTE that may have been a step too far, even for a ruthless criminal organization.
He said: “The most obvious reason is that they have been pressured by other cybercriminal groups to get rid of this as an incident.
Criminals have been operating around the world with impunity, earning hundreds of millions of dollars in ransomware and suddenly they have chosen this soft target which has now made a lot of noise about all these criminal groups.
Interpol and Europol believe that cyber cartels such as Wizard Spider pose a threat similar to that posed by international criminal organizations such as the Kinahan gang.
The fact that they can operate at a distance and beyond justice in a country where they are widely tolerated makes them even more dangerous and virtually untouchable.