Nuku’alofa, Tonga – Police Minister Piveni Piukala expressed surprise upon discovering that Tonga lacks a secondary database or a disaster recovery (DR) site, following a crippling cyberattack that has taken the National Health Information System (NHIS) offline.
This follows a ransomware attack on Tonga’s National Health Information System (NHIS) this week, which forced staff to switch to manual operations.
Health Minister Dr ‘Ana ‘Akau’ola refused to reveal the hackers’ ransom demand, though local reports estimated millions. Fears grew that patient records could be lost permanently.
Piukala emphasised that a backup system is a critical component of cybersecurity, particularly in safeguarding against database breaches.
He blamed the cyberattack on the NHIS on failures to strengthen the country’s core internet infrastructure.
“A disaster recovery site ensures continuity and minimises data loss when primary systems are compromised,” Piukala stated in Tongan.
The minister acknowledged the urgent need for improved IT infrastructure, including a redundant backup system, to prevent future crises.
Cybersecurity experts warn that ransomware attacks and data breaches are increasing globally, making disaster recovery plans essential for governments and critical sectors.
Tonga’s vulnerability highlights the pressing need for investment in digital resilience.
A Computer Security Incident Response Team from Australia is working to restore the NHIS, but the incident has sparked calls for immediate cybersecurity upgrades to protect Tonga’s essential services.
Regional Cyber Crisis
The Tonga cyberattack comes after the Pacific Island Forum Director for Policy, Paki Ormsby said cybercrime poses an increasing challenge to the safety and well-being of Pacific Islanders.
He said that the Pacific leaders affirmed that cybersecurity is a priority security threat requiring a concerted, collective regional effort to address.
Ormsby says the Forum Secretariat continues to assess that cybercrime will severely affect the lives of the people on the Blue Continent.
Samoa’s government previously blamed a Chinese state-backed hacking group for a series of sophisticated cyber attacks, saying it has been conducting “malicious cyber operations against government and key critical infrastructure system” across the Pacific.
A document from Samoa’s National Computer Emergency Response Team calls the hacking group ATP40 a “serious threat” to the region.
The Chinese embassy in Nuku’alofa had previously denied the claims made by Samoa to Kaniva News.
