Updated November 10, 2021
The government of Newfoundland and Labrador disclosed on Tuesday that whoever was behind a cyberattack that crippled the province’s healthcare system obtained personal information from patients and staff.
“I think this is quite a serious breach,” said David Diamond, CEO of the Eastern Health Authority. “We’re in no way suggesting that this information is not quite significant and serious.”
Officials have so far declined to reveal what kind of attack the province is suffering or whether the hackers who are behind it have requested money. It had all the hallmarks of a ransomware attack, according to outside experts, in which hackers breach an information technology network and demand money in exchange for regaining access.
The incidents of ransomware in Canada are rising at an alarming rate. It’s estimated that ransomware attacks cost Canadian businesses and organizations $2.3 billion in 2019. Unfortunately, many incidents still go unreported. Businesses of all sizes have become targets of ransomware, as it can infect not only personal computers but also entire networks and servers.
Watch the Press Conference
What is Ransomware?
Ransomware is malicious software that infects a computer and denies access to the system or data, and demands a sum of money to restore the information. Presently, the most common forms of ransomware will encrypt data.
Victims often receive an onscreen alert stating their files have been encrypted or a similar message, depending on the type of ransomware. The message on the lock screen may even claim to come from the federal government, accusing the user of violating a law and demanding a fine.
Organizations are then prompted to pay a ransom to unlock their computer systems or gain access to critical documents. Typically, the hackers behind the ransomware demand bitcoin—a type of digital currency that is difficult for police to trace.
How Ransomware Can Spread
There are different ways that ransomware can spread, including the following:
- Visiting fake or unsafe websites
- Opening emails or email attachments from unknown sources
- Clicking on suspicious links in emails or on social media
How to Respond
Some operating systems provide instructions for responding to lock-screen ransomware, although results aren’t guaranteed. In contrast, encryption ransomware has no quick fix without an encryption key, which only the hackers typically have access to.
Regardless of the type of ransomware, experts recommend against paying the ransom. After all, there is no guarantee that you will regain access to your computer, network or files after you pay. Furthermore, by paying the ransom, you could be encouraging future cybercrimes.
If your business is affected by ransomware, take the following steps:
- Do not do anything further on your computer systems. If possible, consult your IT department or an IT professional for assistance
- Immediately contact the Canadian Cyber Incident Response Centre (CCIRC) to report the incident. The CCIRC can assist your business to mitigate further damage.
- Open a criminal investigation into the matter by reporting the incident to your local police force or jurisdiction and inform the CCIRC that you have done so.
- Report the incident to the Canadian Anti-fraud Centre.
- Contact Wedgwood Insurance Limited to discuss next steps from an insurance perspective.
What to Do if You’ve Already Paid the Ransom
Since business can come to a halt without access to essential data, business owners are often tempted to pay the ransom in order to quickly regain access. If you’ve paid the ransom, contact your bank and call the authorities as soon as possible. Credit card companies may be able to block the transaction and refund you if you contact them promptly.
How to Protect Your Business
Cyber extortion from ransomware is a legitimate threat to all businesses—no matter the size. The best method of prevention is to keep confidential information and important files securely backed up in a remote location that is not connected to your main network.
In addition to backing up your files, taking the following prevention measures can help keep your information secure and prevent you from becoming a victim of cyber attacks:
- Teach your employees about ransomware and the importance of preventing it.
- Instruct employees never to click on links or open attachments in emails sent by a party they do not know.
- Show your employees how to detect suspicious emails and attachments. For example, tell them to watch for bad spelling or unusual symbols in email addresses.
- Develop a protocol for reporting incidents of ransomware and other suspicious cyber activity.
- Develop a schedule for regularly backing up sensitive business files.
- Update your company software as soon as new updates are released. In doing so, you can patch the security vulnerabilities that cybercriminals rely on, and avoid becoming an easy target.
- Purchase cyber liability insurance that not only helps you respond to threats but can also help cover the cost of the ransom and any other losses incurred as a result of cyber extortion.
Don’t let ransomware – or any type of cyber exposure – threaten your business. Contact Wedgwood Insurance Limited to ensure you have the proper coverage and the tools necessary to protect against losses from cyber attacks.
Credit Monitoring & Identity Theft Protection
As of November 26, 2021 free Credit Monitoring and Identity Theft Protection is available from Eastern Health for those affected. Learn more…
Expert Advice from Wedgwood Insurance
There’s more to insurance than the price of the policy and Wedgwood goes above and beyond for our clients with expert advice you can trust, but don’t take our word for it. There’s a reason we’re Newfoundland & Labrador’s most trusted insurance broker.
With over 180 Google My Business reviews, come experience the Wedgwood difference with expert advice from our dedicated team. We work to ensure that every client has the coverage that best suits their needs through upfront complimentary consultations and midterm reviews. For more information, check out our Cyber Awareness section.