• Articles
    • Editorial Articles
    • Research Articles
    • WatchGuard Articles
  • The 443 Podcast
  • Threat Landscape
  • About
    • About Us
    • Contact Us
    • Contribute to Secplicity

Secplicity - Security Simplified

Powered by WatchGuard Technologies

“The Biggest Cyber Attack In New Zealand’s History”

May 28, 2021 By Trevor Collins

A large cyber attack has caused chaos in the New Zealand healthcare system over the past few weeks. Multiple hospitals in New Zealand became crippled due to locked phone lines and computers from a large ransomware attack. Though the ransom note didn’t contain a dollar amount the note indicates a “ransomware event” according to the head of Waikato’s district health board Kevin Snee. In another interview he said, “It’s probably the biggest cyber attack in New Zealand’s history. We are dealing in uncharted territory here.” News outlets just today reported the group that attacked Waikato healthcare system released “documents, records, and phone numbers and addresses of patients and hospital employees” to them in an apparent double extortion attempt. We have yet to see any of this information on the darkweb but we expect the group will release the private data at some time in the future.

Nurses couldn’t look up patient information due to this attack. Nurses and doctors resorted to pen and paper and asking patients what they came for and who they came to visit. The hospitals postponed many elective surgeries and transferred patients to other facilities. The hospitals have also asked patients not to come to the emergency room due to long delays unless they need immediate care for a life-threatening injury.

Investigators have not released how the group that hacked the hospitals first got access. In most cases like this one the malware starts as an email. Users tend to create the biggest holes in a network’s security. We shouldn’t blame the user who opened the email but encourage users to notify investigators of the issue. Administrators and security experts have the responsibility to teach users about suspicious emails and perform evaluations of users with periodic tests. Any security system must have a layered defense that includes the user.

 

Share This:

Related

Filed Under: Uncategorized

Comments

  1. WTS says

    June 1, 2021 at 3:16 pm

    It’s too bad nobody makes gateway and system solutions for IP, ID and DR…

    IP is often neglected, and ID is too often not considered at all. So, DR from bare metal is really the be all end all in most situations. If you aren’t going to invest in preventing or recognizing a breach you sure should invest in a rapid recovery plan. In this case they still would have the entirely unacceptable loss of patient data, but would have not had lives put at risk from down systems. If they had bare metal capability they would have been able to shut down and spin back up in hours instead of being crippled for however long.

    There really are industry best practices that mitigate this exact situation. While you might not be able to stop every data breach in every scenario you can absolutely control RTO and RPO for DR.

    On another note, may be a good example of outdated and insufficient legal understanding of cyber threats. This attack could have or still could result in loss of life or physical harm to patients. It should be prosecuted as such on top of cyber crimes.

    Reply

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

The 443 Podcast

A weekly podcast featuring the leading white-hat hackers and security researchers. Listen Now
the 443 podcast

Threat Landscape

Filter and view Firebox Feed data by type of attack, region, country, and date range. View Now
threat landscape

Top Posts

  • Cybersecurity News: Free Cybersecurity Training, TrickBot Group Exposed, Major GoDaddy Breach, and Russia to Legalize cybercrime?!
  • US National Cybersecurity Strategy
  • 3CX Supply Chain Attack
  • Here Come The Regulations

Email Newsletter

Sign up to get the latest security news and threat analysis delivered straight to your inbox

By signing up you agree to our Privacy Policy.


The views and opinions expressed on this website are those of the authors and do not necessarily reflect the policy or position of WatchGuard Technologies.

Stay in Touch

Recent Posts

  • 3CX Supply Chain Attack
  • The NSA’s Guidance on Securing Authentication
  • Cybersecurity News: LastPass Incident Revealed, White House Issues Cybersecurity Strategy, FBI Purchases Leaked USHOR PII Data, and a Slew of Other Breaches
  • An Update on Section 230
  • Here Come The Regulations
View All

Search

Archives

Copyright © 2023 WatchGuard Technologies · Cookie Policy · Privacy Policy · Terms of Use