HSE cyber-attack: Hackers bail out Irish health service for free

Hackers responsible for causing widespread disruption to the Irish health system have unexpectedly gifted it with the tool to help it recover.

The Conti ransomware group was reportedly asking the health service for $20m (£14m) to restore services after the "catastrophic hack".

But now the criminals have handed over the software tool for free.

The Irish government says it is testing the tool and insists it did not, and would not, be paying the hackers.

Conti is still threatening to publish or sell data it has stolen unless a ransom is paid.

On its darknet website, it told HSE: "We are providing the decryption tool for your network for free.

"But you should understand that we will sell or publish a lot of private data if you will not connect us and try to resolve the situation."

It was unclear why the hackers gave the tool - known as a decryption key - for free, said Health Minister Stephen Donnelly.

"No ransom has been paid by this government directly, indirectly, through any third party or any other way. Nor will any such ransom be paid," he told Irish broadcaster RTÉ.

"It came as a surprise to us. Our technical team are currently testing the tool. The initial responses are positive."

FBI warning

In the USA, a warning has been issued by the FBI about Conti targeting networks belonging to authorities there.

It said it had identified at least 16 Conti ransomware attacks targeting "US healthcare and first responder networks".

More than 400 organisations have been targeted by Conti worldwide, of which more than 290 are based in the US, according to the FBI.

"Conti typically steals victims' files and encrypts the servers and workstations in an effort to force a ransom payment from the victim.

"If the ransom is not paid, the stolen data is sold or published to a public site controlled by the Conti actors," it added.

The FBI said that recent ransom demands have been as high as $25m (£21m).