The problem of ransomware does not just affect the U.S. A New Zealand hospital was hit last week, having to cancel surgeries and turn away patients.
On Tuesday, the New Zealand Waikato District Health Board (DHB) was hit hard by a ransomware attack and crippled its IT department and forced a shutdown of services among six of its hospitals. Everything was affected except email.
Medical personnel could not access patient records, perform clinical services, and many surgeries were canceled until things were restored. The hospital’s phone lines were even down, so they could only accept emergency patients.
What Does Waikato District Health Board Say?
In a comment to local news outlet Stuff, Kevin Snee, Waikato DHB Chief Executive, said that it would be days before everything was operating normally. The hospitals have begun referring all non-emergency patients to other facilities, and the staff is using pen and paper to keep records until the incident is over.
They made a public statement yesterday saying,
“Our staff are working to restore the infected systems and on the remediation process. We are working with the relevant government departments to ensure a secure environment is successfully re-established.”
“At affiliate Waikato Hospital, 29 out of 102 elective inpatient surgeries were postponed today. Yesterday, six out of 101 were canceled. At affiliate Thames Hospital, all elective surgeries were postponed. All outpatient activity was deferred at affiliate hospitals in rural areas.”
They concluded the message with,
“We are currently working with other government departments to investigate the cause, but are working on the theory that the initial incursion was via an email attachment. A forensic investigation is ongoing.”
Will They Pay the Ransom?
Many victims choose not to pay ransomware gangs. Recently Colonial Pipeline paid $4.4 million to restore their systems. A lot of cybercriminals have pledged not to attack infrastructure companies, schools, and medical providers. However, this particular attack appears to be similar to a WizardSpider hacker incident, and this group obviously does not honor such pledges.
Snee also told Stuff that “no ransom will be paid,” to cybercriminals. The hospital conglomerate has decided not to pay and to clean up the infection themselves. They are working closely with law enforcement to investigate the matter further.
Have We Become Too Reliant on Technology?
It is terrifying to think that ransomware gangs can swoop in anytime they like and seriously affect fuel prices and delivery, patient care, and other services that we rely on to survive. When a hospital is all but shut down because of a malware infection, it begs the question, have we become too reliant on technology?
The more urgent question is what can be done about it? Apparently, no one is immune from these attacks, and rarely is any company fortified enough, even security powerhouses like Microsoft and FireEye, to thwart these attempts.
Although there is an ongoing investigation, rumors say that the attack on New Zealand’s hospitals came through email. Phishing is one of the number one ways criminals get their foot in the door. Improved employee training and honoring best practices are part of what is needed to fix the problem. Some other tips to keep companies safe are:
- Force password resets for all employees.
- Allow only strong passwords to be used.
- Never let employees click on links or download attachments in email.
- Educate employees on phishing, social engineering, and other malicious tactics.
- Never reuse passwords on multiple websites.
- Use good, strong antivirus/anti-malware software on all servers and devices.
- Hire forensic experts to audit your security system and make improvements to security.
- Install network monitoring to watch for any unwanted intrusions.