A new intelligence report has found cyber attacks on New Zealand targets are on the rise and the Government needs to do more to protect our private information – especially in the health sector.
It follows the Pinnacle Health and Waikato District Health Board data breaches in 2022 and 2021 respectively, which saw thousands of people’s details stolen.
In its report, CyberCX said that in the second half of last year, the healthcare sector was in the top five most targeted sectors in Australia and New Zealand by cyber extortion groups. It ranked third alongside IT and wholesale and retail services.
Director of cyber intelligence at CyberCX Katherine Mansted said the pandemic made cyber security challenges worse.
“Healthcare organisations are a big target for cyber criminals because they have two things: A huge trove of sensitive information and the second thing is they’re essential to our community. When they’re disrupted, that causes us a lot of harm and criminals understand that,” Mansted said.
The report said cyber extortion poses the most significant risk to Aotearoa’s healthcare sector, but predicts that in 2023, nation-states will almost certainly target our heathcare organisations through cyber espionage.
It also predicts supply chain compromises will become increasingly more likely.
CyberCX said the risk from ransomware remains high, as does accidental data exposure, with human error accounting for a third of notifiable data breaches in Australia during the first half of last year.
Mansted said New Zealand should take heed of what it calls Australia’s “great data reckoning”, where a string of high-profile data breaches affected nearly one in two Australians last year.
“Healthcare organisations never used to have to think about being on the frontlines of national security and on the frontlines of criminal attack – they now are,” Mansted said.
“We’ve seen in Australia since we’ve had a Cabinet-level minister for cyber security, that the attention and the focus on cybersecurity has been taken to a whole new other level.”
A spokesperson for the Government’s Computer Emergency Response Team, or CERT, told Newshub it’s received increasing numbers of reports across cyber security threats in all sectors, but the health sector is of especially great concern. It said every year it updates its recommendations to help organisations improve their cyber defences.
The National Party’s technology spokesperson, Judith Collins, said more urgency is needed.
“I think what we’ve seen, certainly in Australia when I’ve been to see what they’re doing around digitising government records, it is really important we move much faster,” she said.