The Cascading Effects of a Ransomware Attack in New Zealand

Ransomware Attack in New Zealand

Threats from ransomware are raising their ugly heads once in a while. They force individuals and businesses to cough up large sums of money to offset data loss. According to SonicWall, there had been 707 ransomware attempts on organisations in the first half of 2022. Cybersecurity Ventures predicts that about $265 billion will be lost on account of ransomware globally by 2031. And with cybercriminals using ransomware to extract their pound of flesh, they are refining their malware payloads.
A survey by claims that there has been a 13% increase in data breaches induced by ransomware when compared to the last 5 years. In this backdrop, Mercury IT, a third-party managed IT service provider, has been attacked by ransomware in New Zealand. This has affected the services of many organisations, including some government agencies, such as the Ministry of Justice and the National Health Authority.

Mercury IT, the Constant Behind Cybersecurity Incidents

According to the office of the Privacy Commissioner, they are still in the process of understanding and unravelling the full impact of the incident. The incident came to light when Wellington-based public health insurer Accuro informed customers that the personal data of around 34,000 customers may have been affected due to a ransomware attack at its third-party provider. The attack led to a series of service outages for the client systems of Mercury IT. The Information Security Media Group was informed by the office of the Privacy Commissioner that Mercury IT has been found to be the constant behind these incidents.

The news was further confirmed by the National Cyber Security Center, Health New Zealand. Although government health services are not impacted in their entirety, clinicians in some areas have reported not being able to access a registry of bereavement care services or inherited cardiac diseases. According to the clinicians, around 5,500 records on cardiac diseases and 8,500 records on bereavement services are unavailable.

Victims Cut Across Government and Private Organizations

In addition to the above, the services of around six other health regulatory authorities hosted by Mercury IT are said to have been affected. The names include the Chiropractic Board, the Optometrists and Dispensing Opticians Board of New Zealand, the Physiotherapy Board of New Zealand, the New Zealand Psychologists Board, and the Dieticians Board. The Ministry of Justice stated that the ransomware incident seems to have impacted access to approximately 14,500 records pertaining to the transportation of the deceased and approximately 4,000 postmortem reports. Not only government agencies but even some private organisations seem to have been affected, such as Business NZ, a lobbying company. In fact, the online domain of the company shows a one-page website stating that it is “currently under maintenance.”

The aforementioned incidents have demonstrated cybercriminals’ ability to halt organisational operations at their will. No organization, government or private, is immune to these threats. The only remedy for organisations to secure themselves from such mounting threat actors is to implement robust cybersecurity measures. Further, the measures need to be updated on a continuous basis in view of the changing threat scenario and the sophistication of attacks. Let us understand how organisations can ringfence themselves by complying with a string of cybersecurity measures, as stated below:

> Implement risk mitigation measures and comply with industry standards, namely ISO 27001, PCI DSS, SSAE 18, APRA CPS 234, ACSC Essential Eight, HIPAA, and GDPR.

> Perform risk assessment using penetration testing, web application penetration testing, mobile application testing, red team assessment, SCADA security audit, telecom security audit, and others.

> Hire renowned managed security services, such as Cybernetic Global Intelligence, to generate incident response, conduct log monitoring, phishing simulation, and enable SIEM implementation.

> Conduct cybersecurity awareness training for employees and other stakeholders.

The above-mentioned measures can offer IT security specialists at cybersecurity companies like Cybernetic Global Intelligence unprecedented insight into the vulnerabilities and attack vectors. They can provide real-time data on any existing threat scenario, thereby improving the effectiveness of the cybersecurity measures. Further, they are designed to monitor, detect, manage, and mitigate the range of threats organisations face. By conducting penetration testing, cybersecurity services can measure the capabilities of an organization. They can do so through activities, such as information gathering, vulnerability assessment, footprinting, exploitation, and reporting.


The ransomware attack on Mercury IT in New Zealand that impacted a host of services and led to data breaches should be a wake-up call for organisations in New Zealand and elsewhere to secure their IT infrastructure. The only way is to invest in strong cybersecurity measures, including training the staff to identify incidents of cybercrime. To know more about such measures and secure your organisation against impending threats, call 1300 292 376, or send an email to

Post a Comment