Tonga Cyberattack: A Wake-Up Call for Pacific Cybersecurity

Tonga Cyberattack: A wake-up call for Pacific cybersecurity, warns expert. A recent cyberattack on Tonga’s Ministry of Health is serving as a stark warning for the entire Pacific region, highlighting vulnerabilities in cybersecurity and the urgent need for improved online safety measures [1][2]. The June 15, 2025, ransomware attack compromised the National Health Information System (NHIS), disrupting access to medical records and prompting concerns about patient data [3][4].

Details of the Attack

The cyberattack, attributed to the INC Ransom group, involved the theft of critical patient information, including medical records, which were subsequently leaked online [1][4]. The hackers demanded a US$1 million ransom, which the Tongan government refused to pay [4][5]. The breach forced hospitals to revert to manual record-keeping, causing significant disruption to healthcare services [3].

Regional Vulnerabilities

Tongan cybersecurity expert Siosaia Vaipuna, former director of Tonga’s cybersecurity agency, emphasized that the attack is a “wake-up call” for the Pacific [1][2]. He noted that Tonga and other Pacific nations are particularly vulnerable to data breaches due to a lack of awareness and inadequate cybersecurity systems [1][2]. With increasing digital connectivity outpacing online safety awareness, the region is becoming an attractive target for cybercriminals [1][2].

International Response and Support

In response to the attack, the Australian government dispatched cybersecurity experts to assist Tonga in restoring the NHIS and investigating the breach [3][6]. This collaboration underscores the importance of regional cooperation in addressing cybersecurity threats and building resilience [7][8].

The Way Forward

The Tonga cyberattack highlights the need for Pacific Island nations to prioritize cybersecurity and invest in robust online safety systems [1][2]. Key steps include:

• Raising awareness: Educating government departments and the public about cybersecurity risks and best practices [1][2].
• Strengthening cybersecurity infrastructure: Implementing advanced security technologies and protocols to protect critical systems and data [1][7].
• Enhancing regional cooperation: Fostering collaboration and information sharing among Pacific nations to address cyber threats collectively [7][8].
• Developing cyber incident response plans: Establishing rapid response teams and procedures to effectively manage and mitigate cyberattacks [8].

By taking these steps, Pacific Island nations can enhance their cyber resilience and safeguard their critical infrastructure and sensitive data [9][10]. The Tonga cyberattack serves as a catalyst for change, urging the region to prioritize cybersecurity and work together to create a safer digital environment [1][2].