Waikato DHB IT Outage

Forums › IT Pro and developers › Waikato DHB IT Outage

1 | 2 | 3 | 4 | 5 | 6

5705 posts

Uber Geek
+1 received by user: 3666

Lifetime subscriber

#2709074 18-May-2021 16:21

tehgerbil:

I found out DHB's do not have any form of coherent interoperability between the regions. Ironically might have saved this going nationwide.. But if you see a Dr in Auckland and you're from Christchurch the Auckland Dr can't just log into an app and see your details, they have to be manually faxed (!!) through apparently!?

A bit OT, but you're correct.

Until about 5 or 6 years ago, there was little to no data sharing between DHBs. In that time, most of the DHBs have formed regional systems for sharing clinical information, so your Christchurch/Auckland scenario is correct, but a Nelson doctor would (I think) be able to see Christchurch's data. Also until a couple of years ago, email was considered insecure, so documents would be printed, faxed, and scanned to get them from one DHB to another. Nowadays email between DHBs goes through a secure VPN, so documents can be emailed. However, many staff are still wedded to the old ways.

Until recently, there was/is also a separation between primary practice (GPs and PHOs) data and DHB data, although at least in my region it's been linked. The information that a GP records on a patient wasn't accessible to hospital doctors.

Beccara

1473 posts

Uber Geek
+1 received by user: 517

ID Verified

#2709078 18-May-2021 16:26

wellygary:

JaseNZ:

Pricks, why target a hospital if you are going to do it target a bank or something.

I doubt there was much "targeting" it will simply be a package that had been widely distributed or emailed and someone has clicked a iink or run a infected programme via USB stick etc..

Working in the field this a little bit incorrect. Health IT systems get hit with the normal crap flying around the internet that hits everyone but Health also like other targeted fields get's targeted attempts, I've personally been involved with social engineering/phishing attacks that incorporated a number of elements that your typical @gmail.com or generic business isn't exposed to

Most problems are the result of previous solutions...

All comment's I make are my own personal opinion and do not in any way, shape or form reflect the views of current or former employers unless specifically stated

ezbee

2657 posts

Uber Geek
+1 received by user: 3099

#2709098 18-May-2021 16:45

RNZ apparently had a report from someone working at the DHB that's its a Conti ransomware attack same as what happened to Ireland.

https://www.bleepingcomputer.com/news/security/conti-ransomware-also-targeted-irelands-department-of-health/

kiwifidget

"Cookie"
3641 posts

Uber Geek
+1 received by user: 1969

Lifetime subscriber

#2709099 18-May-2021 16:49

Thank goodness we havent amalgamated DHBs yet, or even more people would be affected.

Delete cookies?! Are you insane?!

panther2

385 posts

Ultimate Geek
+1 received by user: 143

#2709102 18-May-2021 17:01

Surely they have locked down to only secure USB drives and gmail etc being blocked.

Has been by some

CB_24

371 posts

Ultimate Geek
+1 received by user: 33

#2712884 25-May-2021 15:20

Threat or not?

https://www.nzherald.co.nz/nz/waikato-dhb-cyber-attack-group-claims-responsibility-says-it-has-confidential-patient-details/OV6DORGTXIU474ANBCZH7NXZOY/

Dyson

Shop now for Dyson appliances (affiliate link).

djtOtago

1181 posts

Uber Geek
+1 received by user: 605

#2712885 25-May-2021 15:28

Can't tell. Your link goes to a "not found" page.

JaseNZ

2576 posts

Uber Geek
+1 received by user: 1489

ID Verified

Lifetime subscriber

#2712897 25-May-2021 16:02

People are more than welcome to pictures of my last colonoscopy in fact I dare you.

Ding Ding Ding Ding Ding : Ice cream man , Ice cream man

wellygary

8813 posts

Uber Geek
+1 received by user: 5297

#2712900 25-May-2021 16:11

To be Honest, Isn't the ONLY way to be safe is to air gap the entire network and rebuild ALL THE CONNECTED MACHINES FROM SCRATCH??

- How practical this is I don't know,??

But the risk of an untriggered dormant package buried somewhere being set off later must be high up on the list of possibilities,

SATTV

1670 posts

Uber Geek
+1 received by user: 658

ID Verified

#2712904 25-May-2021 16:18

Sadly my wife had a tumble on Sunday and broke her ankle, had to get Ambulance into Waikato hospital.

On the face of it, there looks like they have extra staff on to cope but I was told that this was there normal staff level and they are running at about 70% currently.

The downside of the systems being down, my wife had to be accompanied by a Dr in ED for an XRAY, normally the Xrays are taken and the Dr can look on there computer but they cant so have to be there to view.

Slightly different on the ward, she went for an xray and it got lost in seconds.

Apparently there are some doors that can not be opened because the computers control the access control.

The bonus was free parking, that did not bother me as parking is cheap there compared to Auckland.

My wife was transferred to Auckland Hospital this morning ( our home hospital and other reasons ) but has had to get another xray as they could not send the one from Hamilton.

Fingers crossed it will be resolved in a few days, they staff are not looking forward to the catchup of entering a few weeks data into the system.

John

I know enough to be dangerous

frankv

5705 posts

Uber Geek
+1 received by user: 3666

Lifetime subscriber

#2712910 25-May-2021 16:36

"We stole documents and he knew it ... We have a lot of personal info of employees and patients, financial information etc," the emailer said.

It says it has deleted most of the backups but could help restore the systems if the DHB responds but that had not happened despite several attempts to contact the DHB.

"They decided to ignore us and torture their employees and patients. It is only their fault that DHB is still offline."

So a burglar offers to help you recover the stuff he stole from you -- would you accept help from him? Surely the hijackers couldn't seriously expect that to happen? (Actually, on reflection, I might, and have a bunch of cops teed up to collar him. But surely the crims have had that thought too). And the childish blaming of the victim...

I wouldn't be surprised if they had lots of clinical patient information, and the names and addresses of who it all belonged to. But I'd be surprised if there was anything much in the way of personal financial information, either employees or patients, but I'd guess that would be an excellent claim to make if you had hacked (say) an *US* hospital. Releasing one innocuous report of someone's actual visit to ED would focus the minds of the DHB enormously, without harming the criminals' position at all. But they haven't done that, so I'm saying it's a hoax, either by the actual criminals in an attempt to pressurise the DHB into paying up, or more likely by some other group trying to cash in.

Mighty Ape

Shop now at Mighty Ape (affiliate link).

Technofreak

6657 posts

Uber Geek
+1 received by user: 3477

Trusted

#2712914 25-May-2021 16:48

I too think they are bluffing regarding the patient information. If they have it they could easily prove that but so far they haven't. What does that tell you?

Never give into blackmail!!!!

EDIT: They're welcome to any medical information they have on me.

I hope things get up running sooner than later as I'm waiting for the report of a recent test done at the hospital. Everything was OK but I need the report for employment reasons.

Sony Xperia XA2 running Sailfish OS. https://sailfishos.org The true independent open source mobile OS
Samsung Galaxy Tab S6
Dell Inspiron 14z i5