At first the attack on Ireland’s public-health system fell into a depressingly familiar pattern. In March 2021, hackers duped an employee into clicking on an innocuous-looking spreadsheet, giving them access to its network. On May 14, they rendered most of the 70,000-device system inoperable by encrypting reams of its data. Then they demanded $20 million—which would have been one of the biggest ransomware payouts ever—to reverse the action.
Because the hackers compromised systems that 54 hospitals and about 4,000 other locations needed to operate equipment such as radiation therapy machines and keep track of which drugs to administer to which patients, the immediate impact was terrifying