Vic hospitals to beef up cyber protection

Victorian hospitals and health services will have a $30 million state government boost to their IT systems amid cyber attack concerns.

It comes as Eastern Health continues to deal with a March 16 cyber incident that forced the major Melbourne provider to postpone some elective surgeries.

The announcement also was made the day after the Australian Cyber Security Centre issued a critical alert for organisations using Microsoft Exchange, saying it had found significant new vulnerabilities.

On Thursday, state Health Minister Martin Foley announced 28 Victorian hospitals and health services would share in the funding through the Clinical Technology Refresh program.

It refreshes older network infrastructure and replaces old systems, with the new infrastructure to protect health services against cyber attacks as well as improving patient care.

Eastern Health will receive just more than $350,000 in funding for IT upgrades.

While Eastern Health is back to full capacity with its patient care, a spokesman said there were still some impacts to its IT systems because of the cyber incident.

It had to postpone some elective surgeries at the Box Hill, Maroondah and Healesville hospitals.

Eastern Health said at the time that the incident did not compromise patient safety.

On Wednesday, the ACSC said Microsoft had identified "significant newly discovered vulnerabilities" in Microsoft Exchange 2013, 2016 and 2019 allowing attackers to gain and persist access.

Patches released in March do not remediate these new vulnerabilities and new updates released on Tuesday must be applied to prevent potential compromise, it said.

The new flaws come on top of those used in a flood of attacks earlier this year that compromised more than 20,000 US on-premises Exchange servers handling web versions of Outlook mail.

A "large number" of Australian organisations are yet to patch vulnerable Exchange versions.

Austrlaian Associated PressBack to Breaking News

  • Print this page
  • Copy Link