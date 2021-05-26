The systems are still down a week after a ransomware attack disrupted the IT network of five hospitals in Waikato’s New Zealand district, and concerns remain that the patient’s private information may have been exposed.

Patients are required to attend paper-based appointments, and banks are required to respect automatic payments for hospital staff who were either paid or unpaid at all, a week after the Waikato County Health Board said it experienced a complete outage. its information services.

Until Tuesday, manual processes were implemented to support the backlog of patients as the public was reminded to “look for alternative treatment options if they are not well ill”.

The head of the health board, Kevin Snee, told reporters that “there is a real threat that some people’s personal information may have been compromised as a result of the cyber attack”.

Andrew Little, the health minister and minister in charge of New Zealand intelligence agencies, said he could not give the concerned patients any assurance that their personal data had not been compromised.

“All the advice I have had so far is definitely, they have logged in and encrypted them, there is a chance that they have taken data from the system and extracted it,” Little told Radio New Zealand on Monday . He said DHB was rebuilding its system and operations would be back online “hopefully by the end of this week”.

There was no official word on whether the attackers had demanded a ransom. Last week Snee told reporters there would be no ransom payment and that the board had backup copies of all his files he would use to rebuild his system.

The incident in Waikato, a local government region on New Zealand’s upper North Island, bears striking similarities to the May 14 cyber attack on Irish hospitals. Officials there were forced to shut down many of their computers after hackers acquired the health care system. Even there, hospitals were forced to cancel services and staff had to rely on paper rather than PC.

The hackers who targeted the Irish health service call themselves the ContiLocker Team and use a type of ransomware known as Conti to break into victims’ machines and extort payments. When Waikato hospitals first had to close, the head of the New Zealand Medical Association, Deborah Powell, said the attack appeared to be of the same kind. Radio New Zealand reported Powell saying that “it was her understanding that the cyber attack was a kind of ransomware called ‘Conti'”.

Asked for clarification, the Association of Permanent Physicians said she was not immediately available and was unlikely to speak further on the matter.

The FBI said in a statement on May 20 that more than 400 primarily healthcare and first response organizations worldwide have been victimized by Conti and that “recent reward claims have been up to $ 25 million.”

The New Zealand government cyber agency declined to say whether it was in contact with Irish authorities in connection with the incident. “The NCSC knows from its involvement in other significant cyber attacks that malicious actors may monitor what is being said in the media, and this may affect their conduct,” the National Cyber ​​Security Center said in a statement. .

Several New Zealand media organizations reported that they had received communication from someone claiming responsibility for the attack. Radio New Zealand said on Tuesday that the emails appear to contain repositories of documents, including the latest data on staff numbers and names, financial records, contracts and complaints. There were also files containing screenshots identifying hundreds of patients and staff, with several documents describing diagnoses and medical information, RNZ reported.

It’s the second major cyber attack New Zealand has encountered in less than a year. Last August, its stock exchange had to suspend trading for a period of four days due to a widespread denial of service attack that forced its public site offline.

Minister Little said a review would have to be done to understand how “an entire IT system, phones, computers, everything, seems to have collapsed”.

The Waikato violation was “a high degree of exposure. “You would expect in this time and era that there would be adequate protection around these kinds of things,” he told Radio New Zealand.

