The Canadian Centre for Cybersecurity reported a surge in cyber-attacks related to the COVID-19 pandemic. Most of the attacks were directed towards front-line healthcare workers and medical research facilities.
Cybersecurity experts believe that the pandemic has made healthcare institutions more susceptible to cyberattacks than ever before.
In June, Toronto’s Humber River Hospital was forced to declare a code grey, meaning loss of emergency services due to ransomware attack. More recently, a cyberattack on Newfoundland and Labrador’s Health network data center resulted in the cancelation of thousands of medical procedures and appointments.
In the past week, Headwater Health Care Centre in Orangeville, Ont. reported its internal systems have been “subjected to unauthorized access.” Since then, the hospital has been working with cyber security experts to strengthen their systems and to safely restore IT services.
“We have never seen this swell of attacks across all sectors, but acutely targeting areas that we feel it the most and causes the most pain, and health care being top of that list,” said David Shipley, CEO of Beauceron Security.
The 2018 National Cyber Threat Assessment (NCTA) categorized ransomware as the most common type of malware used for extorsion against Canadians. This form of cyberattack involves hackers threatening to release compromised data or perpetually block access to it data of the victim until the ransom is paid.
As per NCTA 2021, hackers have been targeting big companies and large enterprises that are forced to pay huge ransoms in order to restore their business operations swiftly. The report also highlights that the average ransom demand increased by 33 percent since the last quarter of 2019 to almost $150,000 in the first quarter of 2020.
“I can’t put it any simpler than this: imagine your chemo treatment for your cancer is canceled because the hospital can’t deliver it, doesn’t even have access to what chemo drugs you were on.”
“This is classic organized crime in 21st century form, and it uses technologies that we use for good every day – encryption – which are the things that we rely on to do our banking securely, to hurt us,” said Shipley.
The ransoms are usually paid in the form of cryptocurrency, which becomes even more difficult to trace back to the culprit.
“In a ransomware attack, people breach your network in order to compromise your data. Usually that means taking your data hostage, essentially encrypting your data, and then telling you if you provide a certain amount of money, then we will send you a key to decrypt your data,” security expert Christian Lamprecht explained.
Cybersecurity experts believe that the anonymity of cryptocurrency is a major escalator of ransomware, and the culprits often operate outside of the Canadian jurisdictions where Canadian law enforcement doesn’t have the authority to investigate or prosecute.