Written by Sean Lyngaas
New Zealand health officials have been for several days facing a “cybersecurity incident” that has hampered non-urgent care at several hospitals south of the Auckland capital. Local media reports that ransomware is the cause.
The computer systems of the Waikato District Health Board, which oversees health services for 425,000 people on the North Island of New Zealand, have been offline as government cyber officials investigate the cause of the incident . The investigation is ongoing, “however [we] they are working on the theory that the initial raid was via an email attachment, “the health council said in a statement on Wednesday.
Emergency care continues, but the disruption has led to the postponement of some elective surgeries at one of the board’s health facilities, Waikato Hospital, “while several outpatient clinics have been reduced.” said the board. Some of the outpatients affected include those treating respiratory illnesses and infectious diseases.
Waikato DHB CEO Kevin Snee said the process of fully restoring IT systems in the hospital network is likely to be extended until next week, the New Zealand Herald reported. Twenty cancer patients may have to be moved to facilities in other cities, according to the document.
The Waikato District Health Board is in the midst of a recovery process that has gone through health organizations around the world during the coronavirus pandemic, as cybercriminals have continued to shut down computers and demand a ransom. In the first week of December 2020, there were nearly twice as many publicly reported ransomware attacks against healthcare providers compared to the entire 2019, according to intelligence firm on threats Recorded Future.
The apparent ransomware attack in New Zealand occurs when the Irish public health system tries to return to the net after its own ransomware hack. Irish authorities have said it will take “many weeks” to completely restore computer systems after the hacking, which has affected maternity care and chemotherapy, among other services.
Meanwhile in the United States, Scripps, a San Diego-based nonprofit with five hospital campuses, has been facing a “security incident” for weeks that left its IT applications offline and forced him to reschedule some patient appointments. The non-profit website went back online on Thursday after weeks of being inactive.
Uncontrolled attacks of ransomware against health organizations during the pandemic have increased pressure on governments to take action. A public-private ransomware working group has recommended that U.S. prosecutors prioritize and seek harsher punishments for ransomware cases that threaten public safety and health.