N.L. cyberattack update planned, experts question scarce information provided so far

ST. JOHN’S, N.L. – Security experts say it’s strange for the Newfoundland and Labrador government to have released little information about a cybersecurity attack that has crippled its health-care system more than a week after the trouble was detected.

Premier Andrew Furey is scheduled to provide an update on the situation Tuesday afternoon, but government officials have so far refused to say what kind of an attack the province is facing and whether the hackers involved have asked for money. Outside experts say it has all the signs of a ransomware attack, in which hackers infiltrate an information technology network and demand payment in return for restoring access.

Brian Honan, the head of Ireland’s Computer Security Incident Response Team, said government representatives in that country were on national radio the morning after a similar attack was discovered last May, “telling people what happened, how it happened, what the impact would be.”

“They came up very early and said they would not be negotiating with criminals, they would not be paying the ransom demand and they will be looking to restore systems as quickly as possible,” Honan said in a recent interview.

People were worried about their private information being published by the hackers, and the government’s transparency helped them understand what to expect, he said.

The attack in Newfoundland and Labrador was first discovered Oct. 30, affecting what Health Minister John Haggie described as the “two brains” behind the provincial health network’s data centre. Without access to such things as basic email, diagnostic images and lab results, the eastern health authority — which includes several major hospitals in St. John’s — was left operating largely with pen and paper and running only emergency services.

Thousands of medical appointments have been cancelled, though the health authority has been able to resume some cancer care, such as chemotherapy and radiation.

Brett Callow, a threat analyst for Emsisoft, an international cybersecurity firm based in British Columbia, said there could be “very good reason” for the Newfoundland and Labrador to keep quiet, even 11 days after the attack was first…