The HSE Attack One Year On: Four Lessons for SMEs

Contact us

Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.

Over one year on, the HSE ransomware attack is difficult to forget. Not only did the incident cause a nationwide shutdown of all IT systems, but it also plunged Ireland’s healthcare system into disarray. Thousands of patients’ treatments were delayed, their data was compromised and it took months to restore the healthcare system’s servers and devices.

While the negative impacts of the attack are obvious, there are also plenty of positive lessons to be learned from it. Paul Delahunty, our Information Security Officer here at Stryve, has sat down and formulated four key lessons that SMEs can take from the experience.

Lesson One: Wake Up

The HSE attack took the country by surprise and, in doing so, jolted both the government and private companies into action. As Paul points out, ransomware attacks are nothing new, reports of big companies falling victim to them regularly make the news. The difference with the HSE attack is that it impacted ordinary people, from children to retirees.

Before the attack, many companies had been slow to implement concrete measures and lulled into a false sense of security that Ireland was a sort of safe haven when it came to cybercrime. The attack not only exposed the nation’s unpreparedness but also confirmed that no country is immune to attack.

The HSE attack gave most companies the wake-up call they needed to realise that information security must be at the top of their agenda. And, if you still have your eyes closed, this blog is your sign to open them.

Lesson Two: Assess the Risk

After realising the threat that cybercrime poses generally, Paul then advises that you sit down and analyse what threat it poses to you specifically. To fully assess the risk of an attack, Paul recommends you ask yourself two questions:

1. What do I rely on to carry out my business?

2. How would a cyberattack impact the tools I rely on to carry out my business?

Asking yourself these two key questions allows you to fully understand how an attack may impact you and enables you to identify the ways to mitigate it. As Paul points out, the first time you think of an attack should not be when it's already happened. For some organisations, cyberattacks can be business ending so preparation really is key.

Lesson Three: Backups, Backups, Backups

No matter what industry you are in, backing up your critical data is imperative. Every company has information that, if lost, would have a devastating impact on their business. So, after you sit down and decide how your business will deal with an attack, you need to start looking at what backup solution, if any, you have in place, and what others you may need to implement.

Backups can take many different forms and there is no one size fits all approach for businesses. For some, immutable backups will be the best option and for others, they simply won’t be necessary. If you ever need advice on which solution to opt for, our experts at Stryve are always happy to help.

Lesson Four: Education is Key

As Paul always says, when it comes to cyberattacks, employees can be your weak underbelly or the strongest tool in your arsenal. With proper training and a keen eye, employees can spot and prevent cyberattacks before they even happen.

Training your employees involves educating them on spotting phishy links and attempting to instil a zero-trust mindset and attitude. As Paul points out, however, Cyber Security education is only going to work if it is led from the top down so getting your C-suite on board is critical.


The first anniversary of the HSE attack has already come and gone, yet there are still concrete lessons to be learned from the experience. Implementing the above measures will not only improve your security posture but may also, as Paul observes, make it easier to get cyber insurance moving forward.

Ultimately, SME cyberattacks will not make the news, however, they can have a devastating impact on the victims. A few small changes can go a long way towards ensuring your customers, your business and your data are secure.

Stryve LinkedIn