Advertisement

Hospitals a ‘magnet’ for cyberattacks: health care expert

National Health System cyberattack
This is a screengrab taken from the website of the East and North Hertfordshire NHS trust as Britain's National Health Service is investigating "an issue with IT" Friday May 12, 2017. Associated Press

Hospitals in Britain’s National Health System were recovering Saturday from a massive cyberattack that locked staff out of their computer systems, resulting in many hospitals having to cancel or delay treatment for patients.

READ MORE: Nations respond to biggest extortion cyberattack ever recorded, new attacks feared

The attack encrypted patient files and asked for users to pay to have them unencrypted.

Although nothing nearly as bad was reported in Canadian hospitals, Lakeridge Health in Oshawa, Ontario, reported some unexpected computer downtime linked to the global ransomware attack. This is hardly the first time either – in March 2016 the Ottawa Hospital reported being the target of hackers.

“Unfortunately hospitals are a magnet for such cyberattacks,” said Bill Tholl, president of HealthCareCAN, an organization representing Canadian hospitals and other health care bodies.

Story continues below advertisement

“To the cyberhackers, health care information is worth ten times as much as any information the average Canadian would be providing to a bank.”

This is because most Canadians have a strong desire to keep their health information private, he said. “It’s also possible to steal your personal information and possibly steal your identity.”

His organization did a survey of Canadian hospitals on this issue in January, he said. Half of hospitals responded to the survey, and half of respondents indicated that they had been hacked.

Receive the latest medical news and health information delivered to you every Sunday.

Get weekly health news

Receive the latest medical news and health information delivered to you every Sunday.
By providing your email address, you have read and agree to Global News' Terms and Conditions and Privacy Policy.

“The experts would tell you there are only two types of hospitals: [those] that have been hacked and know it, and [those] that don’t know that they have been hacked.”

The head of the Canadian Cyber Incident Response Centre, Colleen Merchant, told a Senate committee early in May that her department is very concerned about the rise of ransomware, and cited the heathcare industry as a particularly tempting target for hackers.

READ MORE: Hackers attacking Canada’s critical infrastructure and it’s only going to get worse

When asked to comment on the cyberattacks in the UK and abroad on Saturday, the CCIRC would only say that it is aware of the ransomware attacks and Public Safety Canada does not comment on whether reports have been received on specific incidents in Canada.

Story continues below advertisement

American hospitals are concerned too, said Tholl. At a recent meeting of the American Hospital Association in Washington, hacking was “a major subject of conversation.”

WATCH: Hackers have used ransomware to launch a massive cyberattack, affecting more than 70 countires, including Canada. The worst impact seems to be in the United Kingdom, where some hospitals became crippled. Shirlee Engel reports.
Click to play video: 'Hackers hit dozens of countries using stolen NSA tool, crippling hospitals'
Hackers hit dozens of countries using stolen NSA tool, crippling hospitals

The problem partly arises because of the need for hospitals to make patient information easily shareable between different institutions.

“Canadians need, patients need, interoperable, exchangeable patient information. They don’t want to go from one facility to another and have to repeat the same information. So we want a portable electronic health record. We just have to do everything we can to make sure it’s as secure as it can be,” he said.

Hospitals are examining various ways to mitigate the risk of cyberattack. “What we can do is make sure all hospitals store your personal information off-site in real time and create backup systems so if your system is locked down or subject to ransomware, we can immediately switch to another backup system,” he said.

Story continues below advertisement
WATCH: A security breach at Grey Eagle Casino is a wakeup call to protect confidential information on office computers. Tony Tighe reports.
Click to play video: 'Security experts warn computer hacking on the rise'
Security experts warn computer hacking on the rise

Hospitals can also better share information about the attacks, so that if one is hacked, other institutions know how to prevent it.

Canadian hospitals have made a lot of progress improving their security over the last two years, he said.

But, “It certainly I know keeps a lot of the CEOs of Canadian hospitals up at night.”

With files from Bryan Mullan, Global News

Sponsored content

AdChoices