Tag Archive for: Cyberattack

Expert says N.L. cyberattack worst in Canadian history, deserves federal response – National

/in


The cyberattack that knocked down Newfoundland and Labrador’s health system data centres Saturday is a national security issue and should be treated as such by Ottawa, security experts say.

David Shipley, chief executive officer of Beauceron Security in New Brunswick, called the attack the worst in Canadian history. Similar attacks have targeted individual hospitals or more general government services in the country, but the extent and the consequences for human health make the Newfoundland and Labrador situation stand out, Shipley said.

“We’ve never seen an entire health network – multiple health networks – taken down like this,” the cybercrime expert said in an interview Wednesday. “This is not just a Newfoundland story, it’s not just a health-care story. This is a national story, and it’s about national security.”

Read more:
Cyberattacks are on the rise and prevention is nearly impossible, security experts say

Story continues below advertisement

On Thursday, there were some signs of recovery from the attack, as the province’s eastern health authority announced its email system was working again. “We are working to bring our health-care and clinical systems back online in a safe and controlled manner,” the authority said in a news release.

In the provincial legislature, the Opposition Progressive Conservatives questioned why Liberal Premier Andrew Furey hadn’t come home from the COP26 climate change conference in Scotland to address the crisis instead of writing on Twitter about “the challenging time” for the province.

“Please know our world-class teams are dedicated to getting things up and running as soon as possible, and I remain focused on this issue,” Furey wrote.

The attack was first discovered Saturday, affecting what Health Minister John Haggie described as the “two brains” behind the provincial health network’s data centre. Without access to such things as basic email, diagnostic images and lab results, the eastern health authority – which includes several major hospitals in St. John’s – was left operating largely with pen and paper and running only emergency services.

Thousands…

Source…

Suspected cyberattack in N.L. hits ‘brain’ of province’s health care system – National

/in


A suspected cyberattack on Newfoundland and Labrador’s health network has led to the cancellation of thousands of medical appointments across the province and forced some local health systems to revert to paper.

The “brain” of the network’s data centre, operated by Bell, has been damaged, including the main and backup computer systems, Health Minister John Haggie told reporters Monday. He said the “possible cyberattack by a third party” was first detected Saturday.

“It has taken out the brain of the data centre … Our main aim here now is to mitigate the effect and maintain some continuity of service for the people of this province,” Haggie said.

Read more:
Kelowna cyber security expert urges vigilance during uptick in cyber attacks

Newfoundland and Labrador’s Eastern Health region was hardest hit, leading to the cancellation on Monday of all non-emergency medical appointments and procedures. Eastern Health CEO David Diamond said his agency has lost access to everything from basic email to diagnostic images and lab results, adding that non-urgent medical procedures are likely to be cancelled again on Tuesday.

Story continues below advertisement

Physicians, he added, have advised him that without X-rays and CT scans being available electronically, it would be safer to delay appointments and procedures for several days. “We can’t handle the same volume in a paper-based system, so it’s safer to reschedule,”

he said.

The health authorities in western Newfoundland and Labrador hadn’t been hit as hard, while the health authority in central Newfoundland was impacted but less severely than in the eastern region, Haggie said.

Haggie, however, decline to comment about whether the damage was due to what’s known as a ransomware attack _ in which hackers demand payment in exchange for restoring access. The minister would only say the investigation is ongoing.

Steve Waterhouse, a former information systems security officer with the Defence Department, said in an interview Monday the damage to Newfoundland and Labrador’s health system bears all the hallmarks of a ransomware attack. Health systems are prime targets for…

Source…

Eva Maydell MEP: “There is not a single day that passes without a cyberattack somewhere”

/in


The European Peoples’ Party (EPP) has warned the West: always be ready for a cyber attack.

“In today’s world, it is not about whether a company or institution will be hacked, the question is whether you are prepared and resilient when it happens. Today’s vote is a clear signal that we stand for the strong cybersecurity protection of European citizens, businesses and institutions”, declared Eva Maydell MEP, the EPP Group’s negotiator of the Directive dealing with measures for a high common level of cybersecurity across the Union.

Members of the Industry, Research and Energy Committee will today approve new rules to enhance the European Union’s cyber capacity and resilience in order to respond to the growing threats brought about by digitalisation.

Throughout the negotiations, Maydell had to take into account the increasing number and sophistication of cyberattacks around the world. EU data strikingly shows that 2/5 of EU users have experienced security-related problems. 1/8 of businesses have been affected by cyberattacks. The annual cost of cybercrime to the global economy was estimated at €5.5 trillion by the end of 2020. This is double that of 2015.

“There is not a single day that passes without a cyberattack somewhere – Solar Winds, Colonial Pipeline, the Irish Health Service Executive, to this very week, as Microsoft announced that Russian-backed hackers have been targeting cloud service companies since summer. The updated Cybersecurity Directive is a tool to enhance cyber capacity and to provide for the safe digital transition of Europe. Our economy and public life will not go backwards on the digitalisation process”, stated Maydell.

The Directive puts emphasis on the maturity levels of smaller companies, which often have a false sense of security, thinking that they are not an ‘interesting target’ for hackers.

MEPs also strengthened the requirements for the Computer Security Incidents Response Teams (CSIRTs), so these teams are able to monitor networks in real or near real time and detect anomalies. Members insisted that CSIRTs have the ability to investigate cyber…

Source…

Iran says cyberattack on gas stations meant to ‘disrupt lives’

/in


Massive cyberattack on Iran’s gas stations on Tuesday created shockwaves.

A day after a massive cyberattack disrupted the country’s fuel distribution system, Iranian President Ebrahim Raisi called for robust measures to “anticipate and prevent” such attacks.

Addressing a Cabinet meeting in Tehran on Wednesday, Raisi said the aim of the attack was to “disrupt people’s lives,” adding that preventing such attacks is essential.

He also urged the Oil Ministry to take necessary action to “compensate people” for the disruption caused by the attack.

After the meeting, Raisi accompanied by other senior officials visited the ministry to review a probe into the attack and its causes.

The attack took place around 11 am on Tuesday, causing widespread disruption and chaos at gas stations across Iran. It targeted the software that supports a smart card payment for subsidized fuel, used widely in Iran.

Initially, officials attributed the malfunction to “technical glitches”, but hours later it was confirmed to be a high-intensity cyberattack.

No group has so far claimed responsibility for it. Importantly, the attack came on the heels of the anniversary of November 2019 protests in Iran over fuel price hikes.

Without naming anyone, Raisi said attempts are being made to make people angry by sowing disorder and disruption.

“The purpose of this action was to disrupt people’s lives so that they can achieve their specific goals,” he asserted, without elaborating.

Raisi said Iran must be “fully prepared” to deal with cyber warfare and to “prevent the enemy from creating problems” in people’s lives.

Iran has been hit by a series of cyberattacks in recent years, mostly targeting nuclear facilities, petroleum factories, railway stations, and ports.

Officials have on many occasions blamed Israel for the attacks.

Source…