Key Takeaways
- The recent ransom hack on New Zealand’s largest health portal, Manage My Health, is one of the country’s biggest cybersecurity incidents, with hackers threatening to release over 400,000 documents stolen from 126,000 patients.
- The National Cyber Security Centre (NCSC) has reported an increase in commercialization of cybercrime, with known weaknesses and unpatched vulnerabilities in New Zealand providing easy access to threat actors.
- The NCSC advises against paying ransoms to hackers, as it does not guarantee the recovery of stolen data or the unlocking of systems.
- Recent cybersecurity incidents in New Zealand include the Waikato District Health Board (DHB) incident, the Tonga Health System attack, and the Qantas data breach.
- The use of artificial intelligence (AI) has added to the threat of cyber attacks, allowing attackers to launch convincing and scalable attacks without advanced technical skills.
Introduction to Cybersecurity Incidents in New Zealand
The recent ransom hack on Manage My Health, New Zealand’s largest health portal, has been billed as one of the country’s biggest cybersecurity incidents. The hackers have threatened to release over 400,000 documents stolen from 126,000 patients if the private company fails to pay $60,000 by a specified deadline. This incident has prompted a government review of what happened, looking into whether security protections were sufficient, and any improvements that should be made. Manage My Health is seeking an injunction on the patient information being used publicly and is working to notify those affected. The company is also working with Health NZ, the Ministry, the Privacy Commissioner, and General Practice to minimize ongoing risk.
The National Cyber Security Centre’s Report
The National Cyber Security Centre (NCSC) has reported an increase in commercialization of cybercrime, with known weaknesses and unpatched vulnerabilities in New Zealand providing easy access to threat actors. The NCSC’s latest Cyber Threat Report in December identified increasing commercialization of cybercrime, with more than 40 percent of incidents having links to criminal or financially motivated attacks. The agency advises not paying ransoms to hackers, as it does not guarantee the recovery of stolen data or the unlocking of systems. The report also highlights the use of artificial intelligence (AI) in cyber attacks, allowing attackers to launch convincing and scalable attacks without advanced technical skills.
Notable Cybersecurity Incidents in New Zealand
One of the most notorious attacks affecting New Zealand specifically is the Waikato District Health Board (DHB) incident, which received significant media attention due to its clear effect on local hospitals. The attack paralyzed services at five hospitals on May 18, 2021, after hackers brought down the District Health Board’s 611 servers and, six weeks later, leaked private data from more than 4,000 patients and employees on the dark web. Another notable incident is the Tonga Health System attack, which took down the country’s health system for nearly a month in June last year. The hackers demanded $1 million, but the ransom was not paid, and Tonga got help from Australia to restore their system.
Case Studies and Examples
The NCSC’s report highlights a case study of a health sector organization that was able to recover quickly from a ransomware attack due to strong security and quick responses. The organization’s IT provider helped it to take initial remediation steps, which included changing credentials, updating accounts, and deploying extra security measures. The report also notes that frequent backups allowed the organization to recover quickly, but having multi-factor authentication (MFA) would have prevented the attack. Another example is the Qantas data breach, which affected 5.7 million customers, including New Zealanders. The breach stole data from about 40 companies worldwide, including customer records, names, email addresses, and frequent flyer details.
Other Notable Cybersecurity Incidents
Other notable cybersecurity incidents in New Zealand include the Nissan cyber attack in 2024, which affected about 100,000 customers, and the Latitude Financial data breach in 2023, which affected more than 14 million documents. The Mercury IT attack in 2022 saw Health NZ and the Ministry of Justice lose access to health and coronial files, while the Squirrel attack in 2024 exposed about 600 peer-to-peer investors’ passport or driver’s license details. The AA Traveller website breach in 2022 affected hundreds of thousands of customers, and the China-accused hacking of the New Zealand Parliament in 2021 is also a notable incident.
Conclusion and Recommendations
In conclusion, the recent ransom hack on Manage My Health is a significant cybersecurity incident that highlights the importance of robust security measures and quick responses. The NCSC’s report emphasizes the need for organizations to prioritize cybersecurity, including implementing multi-factor authentication, keeping software up to date, and having frequent backups. The use of artificial intelligence (AI) in cyber attacks has added to the threat, and organizations must be prepared to respond quickly and effectively to minimize the impact of an attack. By learning from these incidents and taking proactive steps to improve cybersecurity, New Zealand can reduce the risk of future attacks and protect sensitive data.
