HSE’s ransomware recovery: A band-aid or a cure?

Abstract

This teaching case explores the transformation of Ireland’s national health provider, the Health Service Executive (HSE), following a major ransomware attack that disrupted healthcare services across more than 50 hospitals in 2021. Now, 4 years on from that event, this teaching case focuses on the aftermath and what the HSE has been doing since the attack to improve its cybersecurity posture: the paper examines how the organisation is working to embed cybersecurity-by-design and strengthen public trust in digital health systems through long-term reforms in governance, infrastructure, and organisational culture.

Keywords

cybersecurity digital health ransomware attack cybersecurity governance public trust incident response

Get full access to this article

View all access options for this article.

References

Acronis Cyber Protect (2020) The NHS cyber attacked, and who did it, acronis cyber protect. https://www.acronis.com/en-us/blog/posts/nhs-cyber-attack/ (Accessed: 17 April 2025).

Clarke

(2021) Hospitals Under Pressure as 4,400 HSE Staff off Work due to Covid – Reid. The Irish Times. https://www.irishtimes.com/news/health/hospitals-under-pressure-as-4-400-hse-staff-off-work-due-to-covid-reid-1.4725656 (Accessed: 17 April 2025).

Datta

(2020) Digital transformation of the Italian public administration: a case study. Communications of the Association for Information Systems 46: 252–272.

Datta

(2025) The case of four state-sponsored hacks: a WhoDunIt mystery. Journal of Information Technology Teaching Cases 00: 20438869251376669. https://doi.org/10.1177/20438869251376669.

Datta

Acton

(2025) Promises and perils of generative AI in cybersecurity. MIS Quarterly Executive 24(2): 5.

Datta

Walker

Amarilli

(2020) Digital transformation: learning from Italy’s public administration. Journal of Information Technology Teaching Cases 10(2): 54–71.

Department of Health (2024) Digital for care - a digital health framework for Ireland 2024-2030. https://assets.gov.ie/static/documents/digital-for-care-a-digital-health-framework-for-ireland-2024-2030.pdf (Accessed: 17 April 2025).

Department of Health, Health Information Quality Authority and HSE (2024) Findings of the national engagement on digital health and social care. https://www.hiqa.ie/sites/default/files/2024-09/Findings_National-Engagement-on-Digital-Health-and-Social-Care.pdf (Accessed: 17 April 2025).

Getronics (2024) Shocking NHS cyber attack 2024. https://www.getronics.com/nhs-cyber-attack-2024/#elementor-toc__heading-anchor-2 (Accessed: 17 April 2025).

10.

Aliyu

Evans

, et al. (2021) Health care cybersecurity challenges and solutions under the climate of COVID-19: scoping review. Journal of Medical Internet Research 23(4): e21747.

11.

Health Service Executive (2024) Cyber security statement of strategic intent 2024-2027. Health Service Executive. Available at: https://www.ehealthireland.ie/media/mdyjwfgg/hse-cyber-security-statement-of-strategic-intent-2024-2027.pdf

12.

Health Service Executive (HSE) (2021) HSE national service plan 2021. https://www.hse.ie/eng/services/publications/serviceplans/national-service-plan-2021.pdf (Accessed: 16 July 2024).

13.

Helen

(2022) After the cyber attack is over, eHealth & disruptive technologies. https://www.ehealthireland.ie/news-media/news/2022/after-the-cyber-attack-is-over/

14.

HSE (2025) Digital health strategic implementation roadmap. https://assets.publications.hse.ie/media/file_based_publications/Digital_Health_Strategic_Implementation_Roadmap.pdf (Accessed: 17 April 2025).

15.

Lally

(2021) Wizard Spider Profile: Suspected Gang Behind HSE Attack is Part of World’s First cyber-cartel. The Irish Times. https://www.irishtimes.com/news/crime-and-law/wizard-spider-profile-suspected-gang-behind-hse-attack-is-part-of-world-s-first-cyber-cartel-1.4568806 (Accessed: 17 July 2024).

16.

Mashinchi

Acton

Datta

(2024) When healthcare becomes sick: recovering from ransomware. Journal of Information Technology Teaching Cases. [Preprint].

17.

NHS (2024) Synnovis Cyber Attack – Statement from NHS England. NHS England. https://www.england.nhs.uk/2024/06/synnovis-cyber-attack-statement-from-nhs-england/ (Accessed: 17 April 2025).

18.

Niki

Saira

Arvind

, et al. (2022) Cyber-attacks are a permanent and substantial threat to health systems: education must reflect that. Digital Health 8: 20552076221104665.

19.

PricewaterhouseCoopers (PwC) (2021) Conti cyber attack on the HSE: independent post incident review. https://www.hse.ie/eng/services/publications/conti-cyber-attack-on-the-hse-full-report.pdf (Accessed: 15 July 2024).

20.

Scalco

Flanigan

Simske

(2021) Control systems cyber security reference architecture (RA) for critical infrastructure: Healthcare and hospital vertical example. Journal of Critical Infrastructure Policy 2(2): 125–145.

21.

Swivel Secure (no date) 9 Reasons Why Healthcare is the Biggest Target for Cyberattacks. Swivel Secure. https://swivelsecure.com/solutions/healthcare/healthcare-is-the-biggest-target-for-cyberattacks/ (Accessed: 18 April 2025).

22.

Sydney Adams

(2023) Healthcare staff shortage creates cyber security risk _ healthcare digital. https://healthcare-digital.com/technology-and-ai/healthcare-staff-shortage-creates-cyber-security-risk (Accessed: 21 April 2025).