Cyber-attack: now New Zealand health provider targeted

The spate of current high profile cyber-attacks has continued with a public health provider in New Zealand targeted, taking down information systems across five hospitals and forcing staff to cancel some elective surgeries and creating all sorts of other problems.

Waikato District Health Board CEO Kevin Snee said its emergency department was now only taking urgent patients.

He added that administrators were working to resolve the issue, but he gave no timeline for when the system might be restored.

Dr Deborah Powell, the national secretary for two unions representing doctors and other health professionals, said the attack hit every part of the operation, with doctors unable to access clinical records to quickly assess patients.

Powell stressed she didn’t believe patients were at extra risk because staff were using workarounds. She said she was told it was a ransomware attack but she didn’t have all the details.

However, New Zealand’s Ministry of Health described it only as an “attempted cyber incident.”

The New Zealand attack follows a ransomware attack on Ireland’s health service last week.

The service shut down all its IT systems on Friday (14 May) to protect them from a “significant” ransomware attack, crippling diagnostic services, disrupting COVID-19 testing and forcing hospitals to cancel many appointments.

An international cyber-crime gang was behind the attack, Ireland’s minister responsible for e-government Ossian Smyth said, describing it as possibly the most significant cyber-crime attempt against the Irish state.

Ireland’s COVID-19 vaccination programme was not directly affected, but the attack was affecting IT systems serving all other local and national health provision, the head of the Health Service Executive (HSE) said.