The cyberattack on the Waikato District Health Board was likely executed through someone opening an infected email attachment, according to reports.
The attack caused knocked out the phone lines and computers of several hospitals in the district – Thames, Tokoroa, and Taumarunui, Te Kūiti, Thames, Tokoroa and Waikato. Most IT functions and services, excluding email, went out of commission on Tuesday morning.
Kevin Snee, chief executive of Waikato DHB, told Radio NZ that the attack seems to have been triggered by someone opening an email attachment.
“It appears to have been attached to an email, that is our working hypothesis,” he said.
Snee said the attackers have not issued any threats to divulge any patient information, but have demanded a ransom to be paid for the attack to be lifted.
The New Zealand government’s policy is not to pay ransoms, and Snee said he “wholeheartedly agrees” with the stance.
The attack caused surgeries to be postponed, and Snee said the DHB will have to rely on the private sector to make up for lost time. He said recovery is continuing at a gradual pace, but some disruptions are expected to last until the weekend.
“We are working with cybersecurity experts, and they will be isolating the problem and building the system back up,” he said.
According to the Ministry of Health, this cyberattack is one of many daily attempts to hack into New Zealand’s healthcare system. The Ministry refused to comment on the Waikato DHB incident due to “security reasons”.
It does not appear to be connected to the cyberattack on Ireland’s health system last week. There have been several high-profile targets of cyberattacks in recent days, including the Colonial Pipeline in the US, and the Asian businesses of global insurer AXA.
