An expert from the Canadian Internet Registration Authority (CIRA) says not only are ransomware attacks on the rise, but it’s increasingly difficult to do anything about them.
And the stress of maintaining something as complex as health services can increase vulnerability.
Spencer Callaghan, senior brand and communications director, spoke to The Telegram on Tuesday, November 2, following a major cyberattack on health officials in Newfoundland and Labrador that resulted in thousands of appointments and procedures canceled.
Eastern Health is the most severely affected, but other areas have also had to delay surgeries and non-essential services such as chemotherapy.
Officials will not disclose whether the Newfoundland attack is ransomware – in which hackers extort money from the organization to unlock the system – but details so far indicate that it is likely the case.
The RCMP confirmed on Tuesday that the matter was under investigation by its cybercrime division.
“There are ways to mitigate it, but it’s not easy,” Callaghan said. “It would really depend on the sophistication of the organization and the type of safeguards it had in place.”
Much will depend on whether there is sufficient redundancy, he said.
To sell
Ransomware has become an increasingly common form of cyber attack in Canada, and a majority of businesses and institutions are willing to simply pay the ransom rather than fight the invasion and potentially lose data.
This was evident in the results of a CIRA-sponsored annual survey of more than 500 IT managers across the country that was released last month.
Almost one in five have reported some form of ransomware attack in the past year, and nearly 70% admit that the organization has given in to hackers’ demands.
“In fact, I wouldn’t have been surprised if it was higher, because ransomware is definitely on the rise. It is one of those cybercrimes that is increasing in frequency and has a real impact on our society, ”Callaghan said.
The requests – which typically involve the use of cryptocurrencies – aren’t always extravagant, he added.
“The funny thing about the ransom is that in many cases it is not that high. … One of the advantages of this type of crime is that if you set the ransom relatively low, you are more likely to get paid.
“If I’m an IT manager and I know it’s going to take me three weeks and thousands and thousands of dollars to rebuild my systems, and someone asks me for two Ethereums (around CA $ 10,000), I might just pay that to move on.
The prey of emotion
Implementing layers of protection is an important defense against cyber attacks, Callaghan said.
“It’s like your house. You can lock your door, but you can also install a camera. You could put up a fence and a gate. It’s the same with cybersecurity. You generally want to have a variety of layers of defense.
Nevertheless, cybercriminals almost always seek out the weakest link, and that usually involves exploiting someone’s emotions.
You might receive an email letting you know you’ve been fined or authorities are under investigation – or something positive like a raise.
“If you look at the example of the Newfoundland health care system… if you think about these environments, they are very stressful and very anxious environments. Add to that the complications of COVID and full waiting rooms and full operating rooms and canceled surgeries and all that stuff that we see in the Canadian healthcare system, there’s a lot of anxiety, there’s a lot of stress, there’s a lot of fear, and those kinds of attacks attack that kind of emotion, ”he said.
The most important protection is employee training – and up-to-date training, as cybercrimes are constantly evolving.
“You can have the best technical defense you can get, but at the end of the day, if someone clicks a link they shouldn’t click, or does something they shouldn’t, in many ways, it is like unlocking the door. “
Callaghan said governments need to take a long look at how they allocate funds for cybersecurity, especially at a time when health dollars are stretched to the limit.
“How do you rate the protection of cybersecurity compared to a new MRI machine? ” he said.
Peter Jackson is a Local Journalism Initiative reporter covering health for The Telegram.
“Travel aficionado. Twitter scholar. Writer. Extreme coffee guru. Evil pop culture fanatic.”