Saskatoon

'Slight delays' for some services caused by eHealth hack, says Sask. Health Authority

The SHA was unable to provide further information on what services are being affected and the extent of the delays.

The Saskatchewan Health Authority says the eHealth hack has caused no 'major impacts' to patient care

Officials say eHealth staff, alongside staff from Microsoft and Cisco Systems, are working to assess the situation. (saskatchewan.ca)

Residents trying to access services from the Saskatchewan Health Authority may experience a "slight delay" as a result of a ransomware attack that hit eHealth Saskatchewan last weekend.

The attack, which is said to have started on Sunday, resulted in some eHealth information being encrypted but officials with eHealth said patient data is still secure.

On Tuesday, the Saskatchewan Health Authority acknowledged in a statement it has been working closely with eHealth to ensure steps are taken "to mitigate the impact to the SHA, our patients, and other health system partners" as a result of the hack. 

"Currently, there are no major impacts on patient care, although some patients may notice a slight delay in some services," the statement said.

The SHA was unable to provide further information on what services are being affected and the extent of the delays. 

A statement from Julianne Jack, executive director of communications for Central Services with the Government of Saskatchewan, said the attack on eHealth has not affected the province's information technology environment.

"While eHealth investigates the issue and repairs and restores any impacted servers, any links to eHealth applications or between Saskatchewan.ca and eHealth have been suspended," she said.

"IT security is always on alert and work is always ongoing to protect government information, data and systems from the ever-changing threat landscape." 

'They're prevalent because they work'

Ransomware attacks are becoming more common across the board said Alec Couros, a professor of information and communication technologies at the University of Regina. 

He said these types of attacks can be undertaken by large criminal organizations or an individual using a script they found online. 

"They're prevalent because they work and they do provide instant money into criminal coffers," he said, noting ransomware attacks have increased two to three-fold even in the last year. 

Alec Couros, a professor of Information and Communication Technologies at the University of Regina, says ransomware attacks can be quick cash for criminal coffers.

Officials at eHealth have said that they won't be negotiating with the hackers in order to get access to the files but Couros said whether or not that's the right call depends on the data.

"If it's really sensitive and important information and they can't retrieve the data, I think that's a bit foolhardy," he said. "But if they're able to get the information back with less of a cost or a similar cost, I think that would be fine but that's just not always the case."

He said the effects of these types of breaches can vary widely from a minor inconvenience to the halting of an entire government system. 

David Gerhard, a computer science professor at the University of Regina, said organizations are pummeled with these types of attacks on a daily basis but for the most part, systems are prepared to counter the attacks. 

However, one click is all it takes to compromise a system. 

"Humans are always the weakest link in any security chain and the best way to protect against this kind of stuff is education," he said. "Make sure your employees and the people who use your computer systems are aware of all of the new techniques that spammers use to try to get you to click on these bad links." 

He said people should keep an eye out for emails that appear to come from their boss but don't reflect how they usually talk or write. A simple phone call to verify the email can close a door for a hacker.

"Most of the time, people don't fall for it but it only takes one person to click one bad link for an entire institution to be infected," he said. 

eHealth staff were examining its servers that may have been hacked and officials say eHealth staff, alongside staff from Microsoft and Cisco Systems, are working to assess the situation.
 

With files from David Shield and Emmanuelle Poisson