New Zealand Hospitals Forced to Cancel Surgeries After a Cyber Attack

Posted on by Dawna M. Roberts in News June 03, 2021

 The problem of ransomware does not just affect the U.S. A New Zealand hospital was hit last week, having to cancel surgeries and turn away patients.

What Happened?

On Tuesday, the New Zealand Waikato District Health Board (DHB) was hit hard by a ransomware attack and crippled its IT department and forced a shutdown of services among six of its hospitals. Everything was affected except email.

Medical personnel could not access patient records, perform clinical services, and many surgeries were canceled until things were restored. The hospital’s phone lines were even down, so they could only accept emergency patients.

What Does Waikato District Health Board Say?

In a comment to local news outlet Stuff, Kevin Snee, Waikato DHB Chief Executive, said that it would be days before everything was operating normally. The hospitals have begun referring all non-emergency patients to other facilities, and the staff is using pen and paper to keep records until the incident is over.

They made a public statement yesterday saying,

“Our staff are working to restore the infected systems and on the remediation process. We are working with the relevant government departments to ensure a secure environment is successfully re-established.”

“At affiliate Waikato Hospital, 29 out of 102 elective inpatient surgeries were postponed today. Yesterday, six out of 101 were canceled. At affiliate Thames Hospital, all elective surgeries were postponed. All outpatient activity was deferred at affiliate hospitals in rural areas.”

They concluded the message with,

“We are currently working with other government departments to investigate the cause, but are working on the theory that the initial incursion was via an email attachment. A forensic investigation is ongoing.”

Will They Pay the Ransom?

Many victims choose not to pay ransomware gangs. Recently Colonial Pipeline paid $4.4 million to restore their systems. A lot of cybercriminals have pledged not to attack infrastructure companies, schools, and medical providers. However, this particular attack appears to be similar to a WizardSpider hacker incident, and this group obviously does not honor such pledges.

Snee also told Stuff that “no ransom will be paid,” to cybercriminals. The hospital conglomerate has decided not to pay and to clean up the infection themselves. They are working closely with law enforcement to investigate the matter further.

Have We Become Too Reliant on Technology?

It is terrifying to think that ransomware gangs can swoop in anytime they like and seriously affect fuel prices and delivery, patient care, and other services that we rely on to survive. When a hospital is all but shut down because of a malware infection, it begs the question, have we become too reliant on technology?

The more urgent question is what can be done about it? Apparently, no one is immune from these attacks, and rarely is any company fortified enough, even security powerhouses like Microsoft and FireEye, to thwart these attempts.

Although there is an ongoing investigation, rumors say that the attack on New Zealand’s hospitals came through email. Phishing is one of the number one ways criminals get their foot in the door. Improved employee training and honoring best practices are part of what is needed to fix the problem. Some other tips to keep companies safe are:

  • Force password resets for all employees.
  • Allow only strong passwords to be used.
  • Never let employees click on links or download attachments in email.
  • Educate employees on phishing, social engineering, and other malicious tactics.
  • Never reuse passwords on multiple websites.
  • Use good, strong antivirus/anti-malware software on all servers and devices.
  • Hire forensic experts to audit your security system and make improvements to security.
  • Install network monitoring to watch for any unwanted intrusions.

About the Author
IDStrong Logo

Related Articles

Instagram Vulnerability Allowed Hackers Access to Control Your Phone

Security experts Check Point Research discovered a critical vulnerability while examining Instagram’s c... Read More

Alien Malware Infects More than 226 Mobile Apps and Steals Bank Data

As reported on September 24, 2020, by ZDNet and ThreatPost, a new strain of malware named “Alien” is ... Read More

Universal Health Systems Hit by Ransomware Attack

Universal Health Systems (UHS), a Fortune 500 company owning more than 400 hospitals across the country, ... Read More

Exchange Server Bug Exposes a Big Risk to Hackers

Months after Microsoft released a patch to fix a serious flaw in MS Exchange Server, more than 61% of the... Read More

Scan Your Records for Breaches, Leaks & Exposures!