The Northland DHB says cyber-attacks are becoming more common. Photo / 123RF
The Northland DHB says cyber-attacks are becoming more common. Photo / 123RF
The Northland District Health Board is citing security reasons for not elaborating on how it protects digital patient information, despite acknowledging the growing risk of cyber-attacks.
In a Facebook post, the DHB described how cyber-attacks were becoming more common while recognising a clinical nurse manager for reporting suspicious online behaviour, earning her an annual "Cyber Hero" award.
"Cyber-attacks are becoming more common and anyone can be targeted, including us in the health sector," the post stated.
"Cyber baddies have the potential to cause mayhem in our online world so as always, prevention is the best way to reduce our risk of attack."
When asked by the Northern Advocate to elaborate on its cyber security efforts, given it was facing such attacks, the DHB said it would not comment publicly on the matter for reasons relating to security.
However, Northland DHB chief information officer Darren Manley did say the DHB considered the protection of personal data very seriously, employing the relevant safeguards.
"We use technologies that monitor, detect and block unauthorised traffic," he said.
"Our protections include the policy to not comment publicly on matters relating to cyber security."
He added DHB staff undertook online information security training which taught them techniques to stay safe online.
The IT platforms for the four northern region DHBs (Northland, Auckland, Waitematā and Counties Manukau) are provided by Auckland company, healthAlliance. Richard Harrison, healthAlliance's chief information security officer, assured the public their data was safe.
"While Northland DHB doesn't comment publically on matter's relating to cyber security, as you would expect, the DHB takes the protection of data and systems very seriously and has relevant protections in place to safeguard personal information," he said.
The dangers of online attacks was punctuated in August after the New Zealand Stock Exchange faced a cyber-attack over four days which suspended trading.
New Zealand's cyber security government agency is the Computer Emergency Response Team NZ (CERT NZ), and deputy director Declan Ingram said he understood why the DHB would keep their cyber security details private, but also recognised the public's ownership of their own health information.
He said organisations would often not release cyber security details to avoid giving any potential cyber criminal inside information regarding their online safeguards.
From April to June this year, there were nine incidents reported to CERT NZ of cyber crime from the health sector. Ingram said that was relatively low compared to the technology or finance sectors, which saw hundreds of incidents per quarter.
However, Ingram acknowledged the threat cyber crime posed to healthcare organisations.
"The health sector is particularly important and any loss of data is particularly concerning," he said.
Computer Emergency Response Team NZ (CERT NZ) deputy director Declan Ingram. Photo / Supplied
In CERT NZ's quarterly report for the first two quarters in 2020, New Zealand lost almost $8 million to cyber crime. The figure followed last year's trend, which saw $16.7m lost across 12 months.
From January 1 to June 30, there were 3102 incident reports registered by CERT NZ. However, there was almost double the number of reports in the second quarter (January-March) with 1965 reports compared with the 1137 filed in Q1.
In April, there were 820 incident reports filed - the greatest number of reports in any month since CERT NZ's launch in 2017. There was also a 229 per cent increase in scam and fraud incidents in Q2 compared to Q4 in 2019.
While he said it was difficult to pinpoint one reason for the Q2 spike, Ingram believed one contributing factor was the financial impact caused by Covid-19.
"One of the possible explanations is that perhaps people have moved to cyber crime in order to maintain and income.
"If it costs an attacker a few hundred dollars to execute a ransomware attack, if they could potentially net a few hundred thousand dollars out of that attack, then from their perspective, that would make good business sense."
Ingram said with many businesses setting up online platforms for employees to work from home during lockdown, it could give cyber criminals opportunities to infiltrate less secure systems.
Ingram said the most common types of cyber crime currently were ransomware and fake invoicing. Ransomware described how a cyber criminal would upload nefarious software onto a computer and taking control of the device, forcing the owner to pay money to regain control.
Fake invoicing was when a cyber criminal accessed an organisation's email system, viewed its emails and then modified invoices to see payments to or from the organisation go to the criminal.
Ingram said there was a recent trend of large-scale ransomware attacks, whereby cyber criminals would take over an organisation's entire online system and demand hundreds of thousands of dollars in return.
Despite the real threat cyber crime posed, Ingram said there was basic measures individuals and businesses could employ which would shore up their online security, some as basic as unique password selection, using a password manager and employing two-factor authentication.
• Back up your data • Keep your devices and your apps up-to-date • Choose unique passwords • Turn on two-factor authentication • Be creative with the answers to your account recovery questions • Avoid sensitive transactions on free wifi • Install an antivirus and scan for viruses regularly • Be smart about social media • Limit the personal information you give out online • Check your bank statements • Get a credit check
