On October 30, 2021, what some have dubbed “the worst cyber attack in Canadian history” began. The night before Halloween was a very appropriate time for this nightmarish tale to start.
The attack targeted the Newfoundland and Labrador healthcare system, affecting ordinary Canadians across the province. Thousands of appointments were cancelled, including cancer care, and the cybercriminals also stole patient and employee information.
Now, several weeks later, the Premier of Newfoundland and Labrador, Andrew Furey, is still keeping mum about the origins of the attack. It also remains unclear whether the attack has been neutralized or if it is ongoing. With that said, most systems are now back online, but gaps do remain. For instance, the health authorities in NL cannot currently provide COVID-19 testing numbers to the general public. A significant issue in the current climate.
Naturally, the federal government has been working to support NL through the attack, and the Canadian Centre for Cyber Security has been offering hands-on help.
It won’t happen here! Actually, it might.
Given that we live in such a tremendously vast country — St. John’s, NL is nearly 7,000 km from Kelowna, BC — it is perhaps easy to dismiss this incident as something that has happened in a distant land. Something that doesn’t directly impact us or anyone that we know. To be empathetic but removed. To believe it won’t happen here. It won’t affect me. However, that would be a mistake.
The worst cyber attack in Canadian history should be a wake-up call for us all. If the Newfoundland and Labrador healthcare system can be impacted so significantly, you better believe that the online candle store you just ordered from can also have its security breached too (by the way, nothing personal against candle stores, we love candles).
You may feel that the NL healthcare system is a much bigger target, and you’d be right. However, unfortunately, cybercriminals are savvy. They know there’s low-hanging criminal fruit at the candle store too. Consider it under the guise of more ‘conventional’ crime. Sure, some folks walk in and rob a bank. Others visit the mom-and-pop convenience store down the street and make off with a fistful of cash. Criminals can target both the big bank and the mom-and-pop shop. The same is true in the cyber landscape. Size will not necessarily save you.
Now, this isn’t designed to have us all hiding behind our couches, never venturing online again, but it is intended as a warning. It would be nice to believe that you’ll never be targeted by cybercriminals but don’t make the mistake of falling into that comfortable trap. That plays into the hands of the thieves. Be proactive rather than reactive.
The pandemic has raised the stakes in the cyber security world. With more business being done online and large swathes of Canadians now comfortable with the idea of working remotely, cybercriminals are sniffing around for opportunities. Although they struck gold in NL, don’t let them strike gold with you — there any many other industries in many other locations that are in the same boat as the NL healthcare system.
So what can you do?
We just hit you with a lot of scary-sounding stuff. It is concerning. There’s no getting away from that, but there’s also no need to panic. The fact that you’re reading this blog is a good start! Getting a trusted cybersecurity professional on your side, either in-house or as a valued contractor, is a great way to ensure you’re protecting your organization and your clients.
At SeekingFire Consulting, we work with clients large and small across Western Canada. Our goal is to make the digital world a safer, more secure place. We do that by offering a diverse range of services — from security assessments and audits to Security Incident Response Plans. We find the gaps before the bad guys, and we help you plug them before they’re exposed.
Please reach out to us if you would like to discuss your organization’s cybersecurity needs. We offer a no-judgement, free consultation to all prospective clients. You’re not in this alone — we can help you stay safe online.
While we have made every effort to present accurate, unbiased and helpful information in this article, please note that it reflects the author’s opinion and is written for the purposes of general knowledge, information and discussion. This article is not intended as legal advice, nor should it be considered as advice specific to your individual data security situation. If you would like to discuss your cybersecurity needs in specific detail, please get in touch with us.