Story image

National Party calls out Health Minister's 'dismissive' take on DHB security

25 Jul 2018

After last week’s revelations that the Bay of Plenty District Health Board deals with up to 860,000 cyber attacks per day, the National Party’s Data and Cybersecurity spokesperson Dr Shane Reti has called out the current Health Minister’s apparent lack of concern.

Last week Newshub broke the story that the Bay of Plenty District Health Board is bombarded with threats each week.

According to National’s Data and Cybersecurity spokesperson Dr Shane Reti, current Health Minister Dr David Clark dismisses general cybersecurity concerns as ‘hypothetical’ – despite the fact that the UK is still dealing with major cyber attacks such as Wannacry.

The Wannacry ransomware crippled the UK’s National Health System and many healthcare providers in May 2017. Reti Believes it’s critical that New Zealand’s District Health Boards are fully equipped to protect and handle important data.

“Official information obtained by the National Party shows just how prolific these cyber attacks are, with most of the 800,000 daily attacks on the Bay of Plenty DHB originating in Russia and the Ukraine,” Reti says.

“Dr Clark has downplayed cybersecurity issues by saying he won’t deal in hypotheticals. There is nothing hypothetical about our DHBs being under cyber attack– it is clearly occurring and at an alarming rate.”

He believes this shows a lack of leadership. He also believes the Minister needs to roll out a ‘cybersecurity stocktake’ and security improvements for all District Health Boards.

“CERT NZ is well placed to do that work. It was established by the National Government as a first response cybersecurity centre for collating, analysing and advising members of the public, business and the government on cybersecurity matters,” Reti explains.

“The Health Minister needs to take issues of cybersecurity in our DHBs seriously and act to ensure that our DHBs, the systems that they run and the data that they hold are safe.”

According to CERT NZ’s latest Q1 2018 Quarterly Report, New Zealand businesses and individuals reported 506 incidents between 1 January and 31 March this year.

Four of those reports came from businesses in the healthcare and social assistance sector; while 92 came from the financial and insurance services sector.

Phishing and credential harvesting was the most common incident report; followed by scams and fraud; unauthorised access; reported vulnerabilities; and ransomware all rounded out the top five most common reports.

The last quarter also reported upwards of $2.9 million in direct financial losses, most of which came from individuals ($2.2 million). Organisations reported $728,000 in direct financial losses.

SecOps: Clear opportunities for powerful collaboration
If there’s one thing security and IT ops professionals should do this year, the words ‘team up’ should be top priority.
Interview: Culture and cloud - the battle for cybersecurity
ESET CTO Juraj Malcho talks about the importance of culture in a cybersecurity strategy and the challenges and benefits of a world in the cloud.
Enterprise cloud deployments being exploited by cybercriminals
A new report has revealed a concerning number of enterprises still believe security is the responsibility of the cloud service provider.
Ping Identity Platform updated with new CX and IT automation
The new versions improve the user and administrative experience, while also aiming to meet enterprise needs to operate quickly and purposefully.
Venafi and nCipher Security partner on machine identity protection
Cryptographic keys serve as machine identities and are the foundation of enterprise information technology systems.
Machine learning is a tool and the bad guys are using it
KPMG NZ’s CIO and ESET’s CTO spoke at a recent cybersecurity conference about how machine learning and data analytics are not to be feared, but used.
Seagate: Data trends, opportunities, and challenges at the edge
The development of edge technology and the rise of big data have brought many opportunities for data infrastructure companies to the fore.
Popular Android apps track users and violate Google's policies
Google has reportedly taken action against some of the violators.