A cyberattack on a New Zealand public health provider knocked off information systems at 5 hospitals, causing some elective procedures to be cancelled and triggering a slew of other issues. Surgery and many outpatient meetings had to be withdrawn due to the attack.
On Tuesday morning, the attack had beat out phone lines and computers at Thames, Tokoroa, Waikato, Taumarunui and Waikato, hospitals, effectively shutting down all IT services except mail.
Copyright © 2021 Kalkine Media
Kevin Snee, the Chief Executive of the Waikato District Health Board in New Zealand, claimed the emergency department was the only section accepting urgent patients. Administrators were attempting to uproot the problem, but no timeline had been given on restoring the system.
To try to handle the matter as quickly as possible, the Waikato District Health Board has put up a coordinated incident management structure.
Waikato District Health Board was firm on not paying any ransom to hackers.
Ransomware attacks hit the headlines recently
Ransomware assaults were in the news this month as hackers targeted the Colonial Pipeline, the largest petroleum pipeline in the US. To contain the damage, the company had to close it for days.
Four Asian subsidiaries of AXA, and a Paris-based insurance firm, were hit by a ransomware attack this weekend. The attack affected its operations in Hong Kong, Philippines, Thailand and Malaysia. About 3 terabytes of data was reportedly stolen, including insurance claims, medical records, ID screenshots, passport pages, bank details, and communication records with doctors and hospitals.
Last year, ransomware reached at epidemic levels as attackers increasingly resorted to "double extortion", obtaining valuable data before encrypting networks and posing a threat.
Dr Deborah Powell, national secretary of the Resident Doctors Association and the Association of Professional and Executive Employees (APEX), says the cyberattack on the Waikato District Health Board looks like a variant of ransomware known as Conti. Conti is believed to be an attack by a Russian criminal gang.
She noted that the cyberattack was of the same kind that had hit Ireland's Ministry of Health last week.
Ms Powell noted that the attack forced the doctors to handwrite discharge notes, and radiology and only urgent tests were being done by the laboratory. Outpatient clinics were not able to run with no access to computer records of patients, and pharmacists had to roam the wards to check supply.