The Health Services Executive has said nearly all the 1,200 servers, which it had to reboot in this afternoon to make anti-virus updates take effect, are back online again.
Five servers developed problems during the reboot process, but the HSE said this was not due to any infections.
Three of those were non-clinical file servers. The other two were clinical-based servers in two different Dublin hospitals.
Support teams are on site at those hospitals to bring them back online.
HSE Chief Information Officer Richard Corbridge told RTÉ News that disruption to patients was minimal because the outages had been expected, business continuity plans were put in place and all the systems came back online when they were supposed to.
We need your consent to load this rte-player contentWe use rte-player to manage extra content that can set cookies on your device and collect data about your activity. Please review their details and accept them to load the content.Manage Preferences
A decision as to whether or not to reconnect the HSE network to the outside will be taken tomorrow morning.
However, Mr Corbridge said the outlook was positive for that to go ahead as planned.
The Minister for Health, meanwhile, has said that no patient record has been compromised by the cyber attacks.
Speaking on his way into the Cabinet meeting this morning, Simon Harris said that no adverse clinical impact has been seen so far and no patient records damaged.
Minister for Communications Denis Naughten is bringing a report to Cabinet on the issue this morning.
Speaking on his way to the meeting, he said every single agency of the State could have been targeted in the attack.
He said that the the reality is that the virus did not get in except for one isolated incident in Wexford and that it was unlikely that there would be further reports.
Meanwhile, cyber security researchers claim to have found technical clues they say could link North Korea with the global 'ransomware' cyber attack.
The cyber attack by the virus dubbed WannaCry has infected more than 300,000 computers in 150 countries since Friday.
Symantec and Kaspersky Lab have said some code in an earlier version of the 'WannaCry' virus had also appeared in programs used by the Lazarus Group, which researchers from many companies have identified as a North Korea-run hacking operation.
Both firms said it was too early to tell whether North Korea was involved in the attacks, which slowed to a crawl yesterday but have already become one of the fastest-spreading extortion campaigns on record.
The cyber companies' research will be closely followed by law enforcement agencies around the world.
The two companies said they needed to study the code more and asked for others to help with the analysis. Hackers do re-use code from other operations, so even copied lines fall well short of proof.
The Lazarus hackers, acting for North Korea, have been more brazen in pursuit of financial gain than others, and have been blamed for the theft of $81 million from a Bangladesh bank.
The North Korean mission to the United Nations was not immediately available for comment.
Regardless of the source of the attack, investors piled into cyber security stocks yesterday, betting that governments and corporations will spend more to upgrade their defences.