Menu

Topics

Connect

Comments

Comments closed.

Due to the sensitive and/or legal subject matter of some of the content on globalnews.ca, we reserve the ability to disable comments from time to time.

Please see our Commenting Policy for more.

‘Epidemic of cybercrime’ underway in midst of pandemic: Security expert

WATCH ABOVE: There’s been an uptick in cyber threats related to the pandemic, according to the Canadian Centre for Cyber Security. In a number of cases, the targets have been front-line health-care facilities. Shallima Maharaj takes a closer look at a growing threat from the digital realm – Dec 3, 2021

According to the Canadian Centre for Cyber Security, there’s been an increase in cyber threats related to the COVID-19 pandemic. A portion of that has been against the country’s front-line health-care and medical research facilities.

Story continues below advertisement

In June, a ransomware attack forced Toronto’s Humber River Hospital to declare a code grey, meaning loss of essential services. More recently, a cyberattack on Newfoundland and Labrador’s health network data centre resulted in the cancellation of thousands of medical appointments.

Last week, Headwaters Health Care Centre in Orangeville, Ont., announced its systems had been “been subjected to unauthorized access.” The hospital has since begun working with cyber security experts to help safely restore IT services and launch an investigation into what happened, and whether sensitive data was compromised.

“We have never seen this swell of attacks across all sectors, but acutely targeting areas that we feel it the most and causes the most pain, and health care being top of that list,” said David Shipley, CEO of Beauceron Security.

While not all of the attacks have been classified as ransomware, the 2018 National Cyber Threat Assessment (NCTA) identified it as the most common form of malware used for extortion against Canadians.

Story continues below advertisement

According to NCTA 2020, cybercriminals have more recently been engaging in big game hunting, honing in on “large enterprises that will not tolerate sustained disruptions to their networks,” and are willing to pay bigger ransoms to restore operations swiftly.

The report also points to researchers estimating that the average ransom demand increased by 33 per cent since Q4 2019 to nearly $150,000 in Q1 2020.

On the higher end, Shipley said some entities are seeking out millions of dollars.

“I can’t put it any more simply than this: imagine your chemo treatment for your cancer is cancelled because the hospital can’t deliver it, doesn’t even have access to what chemo drugs you were on.”

“This is classic organized crime in 21st century form, and it uses technologies that we use for good every day — encryption — which are the things that we rely on to do our banking securely, to hurt us.”

Story continues below advertisement

The money being sought is often transferred as cryptocurrency. Although not impossible to trace, security expert Christian Leuprecht says it is more challenging.

“In a ransomware attack, people breach your network in order to compromise your data. Usually that means taking your data hostage, essentially encrypting your data, and then telling you if you provide a certain amount of money, then we will send you a key to decrypt your data,” he explained.

Leuprecht says the anonymity of cryptocurrency is a major driver of ransomware, and the people responsible tend to be located outside of jurisdictions where Canadian officials can investigate and prosecute.

South of the border, Colonial Pipeline — which found itself the victim of a Russian-based hacker group — paid out $4.3 million. The Justice Department was able to recover the majority of it.

Story continues below advertisement

Leuprecht considers the move a shot across the bow.

“If you go after U.S. critical infrastructure, you might get paid, but we’re going to be able to repatriate most of that money, so it’s not going to be worth your while,” he said.

In July, the Canadian government joined allies in blaming China for a massive hack on Microsoft exchange serves.

The attack put several thousand Canadian entities at risk. Worldwide, around 400,000 servers were affected.

Advertisement

You are viewing an Accelerated Mobile Webpage.

View Original Article