New Zealand, hacker attack: Zeppelin ransomware blocks patient care at Waikato DHB
New Zealand, hacker attack: Zeppelin ransomware blocks patient care at Waikato DHB
Marco A. De Felice aka amvinfe May 27, 2021 No Comments Brett CallowData BreachEmsisoftRansomware ZeppelinStuffWaikato DHB
Facebook Twitter
More than a week after the May 18 cyber attack, the computer systems of the Waikato District Health Board (Waikato DHB) have not yet been restored.
Some scheduled surgeries in DHB's five hospitals have been postponed, while non-urgent cases are postponed until all IT systems are back in operation.
From what has been learned, it would seem that the "Zeppelin" ransomware variant used mainly by cybercriminals to target entities operating in the health and technology field in Europe and the United States may have caused the blocking of the approximately 700 PC servers in the New Zealand Health District. .
img. di Libby Wilson/Stuff
More than a week after the cyber attack, it is still unclear when all the information systems of the Waikato DHB will be able to return to operation. Andrew Little , Minister of Health, told the New Zealand online newspaper Stuff that the main interest now must be to ensure care for the sick and to provide health professionals with the appropriate tools to be able to use the hand tools at their disposal.
“For me the priority of the moment is patients getting the care they need, and that staff are looked after and able to operate the manual systems they’ve got. That the recovery’s underway.”
To date, the Waikato DHB has not yet been able to quantify the real impact that the cyber attack had on the quantity and quality of the exfiltrated data. What is certain is that cybercriminals sent an e-mail to major New Zealand news organizations on Monday claiming data theft.
In the e-mail, the ransomware group further stated that a large number of sensitive patient data, healthcare personnel, as well as financial documents in their possession, will be published should the Waikato DHB decide not to meet the ransom demands.
A May 26 note published on the Waikato DHB website states that all news agencies have decided not to disclose the personal information of patients and health personnel in their possession. The note also describes which manual procedures have so far been implemented to cope with the enormous reorganization work and those already in place to determine the best procedures for deferred patient care. The most important surgeries - continues the note - are progressing while those already planned are continuing where they can be performed in total safety.
Emsisoft , a computer security company based in Nelson - New Zealand, has expressed its willingness to help the Health District with IT system recovery operations. Brett Callow , an analyst at Emsisoft, claims that data encryption can be stopped in about 60% of cases due to ransomware-type infections. Emsisoft has offered to assist the Waikato DHB free of charge, but has not received any response at this time.
This morning SuspectFile sent an email to the Waikato District Health Board's Media and Communications Team asking for a confirmation or denial statement regarding the type of ransomware affecting the New Zealand Health District. We have not received a response at the moment.
The article will be updated when we have new details.
Marco A. De Felice aka amvinfe May 27, 2021 No Comments Brett CallowData BreachEmsisoftRansomware ZeppelinStuffWaikato DHB
Facebook Twitter
More than a week after the May 18 cyber attack, the computer systems of the Waikato District Health Board (Waikato DHB) have not yet been restored.
Some scheduled surgeries in DHB's five hospitals have been postponed, while non-urgent cases are postponed until all IT systems are back in operation.
From what has been learned, it would seem that the "Zeppelin" ransomware variant used mainly by cybercriminals to target entities operating in the health and technology field in Europe and the United States may have caused the blocking of the approximately 700 PC servers in the New Zealand Health District. .
img. di Libby Wilson/Stuff
More than a week after the cyber attack, it is still unclear when all the information systems of the Waikato DHB will be able to return to operation. Andrew Little , Minister of Health, told the New Zealand online newspaper Stuff that the main interest now must be to ensure care for the sick and to provide health professionals with the appropriate tools to be able to use the hand tools at their disposal.
“For me the priority of the moment is patients getting the care they need, and that staff are looked after and able to operate the manual systems they’ve got. That the recovery’s underway.”
To date, the Waikato DHB has not yet been able to quantify the real impact that the cyber attack had on the quantity and quality of the exfiltrated data. What is certain is that cybercriminals sent an e-mail to major New Zealand news organizations on Monday claiming data theft.
In the e-mail, the ransomware group further stated that a large number of sensitive patient data, healthcare personnel, as well as financial documents in their possession, will be published should the Waikato DHB decide not to meet the ransom demands.
A May 26 note published on the Waikato DHB website states that all news agencies have decided not to disclose the personal information of patients and health personnel in their possession. The note also describes which manual procedures have so far been implemented to cope with the enormous reorganization work and those already in place to determine the best procedures for deferred patient care. The most important surgeries - continues the note - are progressing while those already planned are continuing where they can be performed in total safety.
Emsisoft , a computer security company based in Nelson - New Zealand, has expressed its willingness to help the Health District with IT system recovery operations. Brett Callow , an analyst at Emsisoft, claims that data encryption can be stopped in about 60% of cases due to ransomware-type infections. Emsisoft has offered to assist the Waikato DHB free of charge, but has not received any response at this time.
This morning SuspectFile sent an email to the Waikato District Health Board's Media and Communications Team asking for a confirmation or denial statement regarding the type of ransomware affecting the New Zealand Health District. We have not received a response at the moment.
The article will be updated when we have new details.
