A leading cyber hacking negotiator says the Waikato District Health Board “could probably use some help” in their response to the cyber attack which saw data being published on the dark web.
Kurtis Minder is the chief executive of GroupSense, a US-based company that deals in the prevention of and response to ransomware and other cyber attacks.
His workload has been increasing markedly in the last few weeks, this morning telling Q+A there’s been a “dramatic increase” in the number of ransomware attacks which sees “thousands” of businesses hit every day.
He says they’re usually made by organised groups in Russia and Eastern Europe, which creates another layer of complexity.
“We cannot see them, we cannot read tone, body language, make eye contact,” he says.
New Zealand’s had its own recent experience with cyber criminals with Waikato DHB forced to cancel surgeries and operate offline for several days last month.
“It does sound like it’s taken them a lot longer to clean up than they’d originally anticipated, so they could probably use some help,” he says.
Hackers or “threat actors” have begun leaking that data, some of which has ended up on the dark web.
Waikato DHB’s chief executive and Health Minister Andrew Little both publicly stated no ransom would be paid to regain access to the data.
Minder says the decision to pay a ransom is up to the business and he does not recommend paying them.
“I don’t want to pay the hackers any more than the businesses do,” he said.
However, he also believes until there is a different way of dealing with the cyber hackers, paying the ransom “has to remain a tool in the toolbox”.