Ransomware goes big game hunting

Cybersecurity was back in the news this week with the release of a couple of reports detailing the extent and cost of malicious cyber activity over the last year for healthcare and other industries. Security software firm Malwarebytes released its 2020 State of Malware Report this week, reporting that the healthcare sector was the fifth most popular industry for attack in 2019.

The report pointed to an increase in attacks on businesses over consumers, and to increased sophistication in attacks, with large organisations becoming bigger targets in an exercise known as big game hunting. The attacks are also increasingly likely to be launched on several fronts, with Trojans used to get into systems to deliver ransomware as the payload.

Malwarebytes reports that detections of Ryuk, which was the culprit in the attack on the Gippsland Health Alliance and the South West Alliance of Rural Health (SWARH) in October, increased by more than 500 per cent in the first quarter of 2019 over the previous quarter.

Also this week, a report by US firm Comparitech totted up the cost of ransomware attacks on the healthcare sector in the US since 2016 and found at least $160 million had been spent in recovery costs. This chimes in with Emsisoft's report from last December, which found that 764 US healthcare providers had been affected by ransomware in just one year.

Emsisoft, which is a global anti-virus and anti-malware vendor but has its headquarters in New Zealand, put out another report this week looking at estimated costs to governments and businesses globally, helpfully including figures for Australia and New Zealand. And those costs are enormous: Emsisoft provided minimum costs – for Australia it was close to $US40 million for 2019 and for NZ close to $US6.5m – but that is just a minimum. Emsisoft calculates the estimated costs as much higher: $160m for Australia and $26m for New Zealand, with the global costs heading upwards of $25 billion.

Factoring in downtime of an average 16 days, and you are looking at global costs heading towards $170 billion. It's mind-blowing.

At the smaller end of the scale, just today the Central Queensland, Wide Bay and Sunshine Coast PHN reported an attempted phishing attack, with three of its email addresses being hijacked to tempt recipients to download something nasty. This mirrors the phishing expedition that affected the Northern Territory PHN three weeks ago and, as one of our readers tells us, the Murray PHN last year.

While these phishing trips are not exactly big game hunting, they are hugely digitally disruptive, and not in the trendy way.

Our other big news this week was about a report released last month by the Consumer Policy Research Centre (CPRC) called Choosing care: the difficulties in navigating the Home Care Package market. This report took aim at the My Aged Care website, finding that it was not delivering for older people, which supported the findings of the interim report of the Royal Commission into Aged Care Quality and Safety.

The CPRC survey found that only 6.8 per cent of respondents reported using information on the My Aged Care online portal, and only 5.8 per cent used the internet more generally to find and compare information about home care packages. The job of referring the person for a package in most cases fell to the person's healthcare provider or family and friends.

There is more to My Aged Care than just the public website of course and besides some long-term complaining by GPs over the lack of electronic referral capability – now thankfully resolved – we haven't heard much about whether it is working for aged care service providers and assessment teams. My Aged Care was supposed to streamline the process for accepting referrals for assessment, but as is usually the case with aged care, this seems to all be about to change once more.

The Department of Health very quietly announced new arrangements for aged care assessment teams last year but once the word got out, there was uproar. State and territory health ministers have asked the government to reconsider its move to outsource ACATs through a tender process, and there is a great deal of pressure on aged care minister Richard Colbeck to do so. A webinar planned to be held this week on the topic has been delayed and will not now take place until March 11.

However, Senator Colbeck is the minister for sport as well as aged care, and he has his hands full at the moment with the sports rorts affair. Allied to the Royal Commission's devastating findings last year, the Senator has been handed a couple of time-bombs by his predecessor and his department. My Aged Care seems to be turning out to be a bit of a mess too.

That brings us to our poll question for the week: is My Aged Care a white elephant?

Last week, we asked: Is the government ever likely to fund GP telehealth consults for patients in aged care? Most readers seemed positive about this at least: 70 per cent said yes, 30 per cent said no.

Sign up to our weekend edition or Pulse+IT Chat to vote, or leave your thoughts below.

You need to log in to post comments. If you don't have a Pulse+IT website account, click here to subscribe.

Sign up for Pulse+IT eNewsletters

Sign up for Pulse+IT website access

For more information, click here.

Copyright © 2020 Pulse+IT Magazine
No content published on this website can be reproduced by any person for any reason without the prior written permission of the publisher.