Threat Watch

Waikato DHB Suffers From Unknown Ransomware Strain

An unknown strain of ransomware has made its way through the Waikato District Health Board (DHB). The attack on Tuesday morning caused numerous services to go offline or be cancelled, with the only service still operating being email. Surgeries have had to be postponed and some have even been cancelled. There is currently no timetable for when things will be back up and running. The hospital board released a statement that said, “We are currently working with other government departments to investigate the cause but are working on the theory that the initial incursion was via an email attachment. A forensic investigation is ongoing.” After meetings, the head of Waikato DHB has decided to not pay the ransom.

ANALYST NOTES

Much is still unknown or yet to be released about this attack. The security measures that the Waikato DHB had in place are unknown. It is likely the company will bolster their security efforts in the future. Binary Defense suggests pairing anti-virus solutions with an Endpoint Detection and Response (EDR) platform for a better chance at defending against ransomware and other attacks in the future.

https://www.theregister.com/2021/05/19/new_zealand_hospitals_taken_down/?&web_view=true