Editorial: Waikato DHB hacking the act of despicable criminals

The hacking of Waikato District Health Board systems is believed to be the biggest cyber attack in New Zealand's history. Photo / Google Streetview

EDITORIAL:

The cyber attack on the Waikato District Health Board reflects the chilling global shift in online crime from outright theft to extortion.

One of the most common forms of cybercrime has, until recent years, been the spreading of malware that infects victims' computers then unlawfully using the processing power to mine cryptocurrency, such as Bitcoin or Monero.

In 2020, a Twitter breach targeted 130 accounts, including those of past US presidents as well as Elon Musk, which resulted in attackers swindling $121,000 in Bitcoin through nearly 300 transactions.

However, the dropping value of cryptocurrencies may have weakened interest in this practice and criminals have turned to the storage of personal information and corporate files in an act known as ransomware, which hit a wave of companies, including Fisher & Paykel, Toll Group and Lion over 2020 and has escalated further this year.

The Imperva 2020 Cyberthreat Defense Report predicted global cybercrime damages will cost up to $6 trillion this year and a University of Maryland study estimated malicious hackers are now attacking computers and networks at a rate of one every 39 seconds.

Read more: Why hackers target hospitals

Cybersecurity business Varonis reports industries that store valuable information such as healthcare and finance are increasingly targets for hackers who want to steal social security numbers, medical records and other personal data.

Once the data has been accessed, criminals deploy various methods to leverage money. Most commonly, they steal or encrypt files, then seek a ransom for their return. Administrators are locked out of servers to thwart or slow backup and restore attempts. They may also retrieve some of the personal information and approach individuals with threats to release it online if money isn't forthcoming. Thirdly, they can threaten the administrators with releasing some of their clients' information unless monies are handed over.

Whatever the methods, and the threats, we should not surrender to them.

One key issue is complying to blackmail may not be the end of it. As Dublin-based security expert Brian Honan told the Herald's Chris Keall this week: "The people behind these attacks are criminals with little or no scruples ... there is no guarantee they won't release the data at another date, or return again at a later time demanding another payment".

Though it would be prudent to check whether cybersecurity was lax in any way, it should be noted the Waikato DHB is the victim in this crime.

Read more: Why Justice Minister won't make ransomware a crime

Ireland's public health service was hit in a similar manner on May 14. The Conti ransomware group behind the Irish hack was reportedly asking the health service for $27m to restore services after the "catastrophic hack" but then handed over the software tool, for free, to unlock the system. It appears the group had already accessed what it wanted and will continue to demand money or else make it public.

Waikato DHB chief executive Kevin Snee is right to declare no ransom will be paid. The only assured outcome of doing so would be the loss of more public money to despicable villains, who have wreaked havoc on an essential public service and impacted on vulnerable people's lives.

Any individual or agency similarly blackmailed should stand the same ground. There can be no assurances the threats will ever cease and to comply is to encourage others to join such a criminal enterprise.