There is still no official word on the cause of a major cyberattack on Newfoundland and Labrador’s health-care system, but authorities have been in touch with officials from Ireland, which was hit with a ransomware attack earlier this year.
On May 14, Ireland’s public health service shut down its IT systems in response to an extensive ransomware attack in which the responsible criminal gang demanded a payment of $20 million in Bitcoin. The Irish government refused to pay the ransom and later confirmed that the confidential information of at least 520 patients had been released online.
N.L. officials said the province has been speaking with officials from Ireland to learn what it can from how the country dealt with the cyberattack on its health system.
N.L.’s Deputy Premier Siobhan Coady hasn’t confirmed whether the province’s cyberattack involved ransomware, and Health Minister John Haggie also declined to reveal further information.
“This is still unfolding and we’re working with the RCMP,” Coady told reporters on Nov. 2.
Premier Andrew Furey told reporters that the federal government has offered to support his province as it recovers from the attack. In addition to the RCMP, the province is also getting help from the Canadian Centre for Cyber Security.
Keenan said cyber crimes have become a “worldwide business” as tools used for cyberattacks and even ransomware services can be found on the internet, with some hacks being carried out by amateurs without a high degree of technical knowledge.
“There’s definitely a trend, there’s no question,” he said, attributing the rise to the profitability of cybercrimes, difficulty in catching the perpetrators, and a lack of preparedness among victims.
Hackers are increasingly targeting hospitals, which were vulnerable to attacks even before the COVID-19 pandemic due to a tendency toward weak security infrastructure and the profitability of access to sensitive patient information.
On Oct. 28, 2020, the University of Vermont (UVM) Medical Center received staff complaints of computer access problems, which were later found to be the result of a cyberattack. While the centre did not pay a ransom, the attack cost an estimated US$50 million, mostly from lost revenue, The Associated Press reported.
In the N.L. case, Keenan said there was probably “a failure to prepare for a ransomware attack of this scale,” which resulted in complex damage that’s difficult to fix quickly.
“I tell people that they should back up all their computers and all their systems, so that if the ransomware guy gets in, you just scrub everything clean and you reload your information,” he said.
“You might lose the last few hours of patient information or something like that, but it’s so much worse to lose everything.”
According to a report by British security software and hardware company Sophos Group that surveyed 5,400 IT decision-makers across 30 countries, over one-third of the respondents from roughly 330 health-care organizations have been victims of ransomware attacks over the past year.
While 34 percent of the victims whose data was encrypted by the cybercriminals paid a ransom to retrieve their data, only 60 percent of the encrypted files were restored on average.