Waikato DHB cyberattack a sign of things to come

Incident “not surprising” given Kiwi companies’ low cyber cover, say experts

Waikato DHB cyberattack a sign of things to come

Cyber

By Gabriel Olano

The recent cyberattack on the Waikato District Health Board is not a one-off incident and is likely to happen again, suggests experts.

This is due to only 6% of Kiwi companies having adequate cyber protection, according to FintechNZ. In the event of a cyberattack, the results could be devastating, said FintechNZ general manager James Brown. Citing data from IBM, he said that companies take an average of 197 days to identify, and 69 days to contain, a breach.

“The COVID pandemic has changed cyber security globally,” he said. “We know attackers will continue to refine their techniques and strengthen their skills to evade security to reach their ultimate objective.”

The attack on Waikato DHB is believed to have entered through an email attachment. The attack brought down the region’s electronic systems in five hospitals. This caused difficulties in accessing patient notes and caused the delay of elective surgeries.

Meanwhile, the high concentration of smartphones in New Zealand could make businesses and organisations more vulnerable, Brown said. The pandemic has also provided a fertile ground for cybercriminals.

CERT NZ, a government agency which supports those affected by cybersecurity incidents, noted an almost 65% increase in cyber incident reports. It received 7,809 reports in 2020, up from 4,740 reports in 2019.

These incidents have caused $16.9 million in direct financial losses, and this is just the tip of the iceberg, according to Jono Soo, head of cyber specialty for Marsh in New Zealand.

“For many companies and organisations, recent national and global events have highlighted a stark new reality of how cyberattacks can impact day-to-day life, such as receiving basic healthcare or access to petrol,” Soo said.

“Organisations need to be actively prioritising their cyber security processes and thoroughly review how they would respond to a major cyber incident if it were to affect them.”

Related Stories

Keep up with the latest news and events

Join our mailing list, it’s free!