Oshawa hospital among thousands of global 'ransomware' cyberattack victims
Lakeridge Health spokesperson says hospital's system was able to deflect attack
A hospital in Oshawa is among the tens of thousands of victims of an unprecedented "ransomware" cyberattack that's hit 150 countries in recent days.
Lakeridge Health — one of Ontario's largest community hospitals — said it appeared the ransomware threatened its computer system, but a spokesman said the facility's system was able to deflect the attack.
- Cyberattack havoc could grow as work week begins
- How a perfect storm allowed a global ransomware attack to happen
"Our antivirus software contained the attack and so while we've had to reset some of our systems we weren't affected in the same way that other places were," said Lloyd Rang.
"Patient care wasn't affected and neither were any medical records or health records breached in any way."
The cyberattack has paralyzed computers and networks around the world, including the ones that run Britain's hospital network, Germany's national railway and scores of other companies and government agencies worldwide.
On Sunday, officials and experts urged organizations and companies to update their operating systems immediately to ensure they aren't vulnerable to a second, more powerful version of the malicious software, dubbed "WannaCry."
'Number of' Canadian organizations, individuals affected
Matthew Tait, a cybersecurity expert and founder of U.K.-based Capital Alpha Security, told CBC News Network that "a number of" organizations and individuals in Canada have been affected, but that many of them haven't been forthcoming with that information.
"This is a global attack," Tait said. "This has affected all countries and Canada is no exception there."
SSC’s Security Operations Centre monitors <a href="https://twitter.com/hashtag/GoC?src=hash">#GoC</a> <a href="https://twitter.com/hashtag/IT?src=hash">#IT</a> systems 24/7/365 to<br>keep them safe from cyber threats.—@SSC_CA
A spokesperson for Public Safety Minister Ralph Goodale said the government doesn't comment on specific threats, but that the Canadian Cyber Incident Response Centre is focused on protecting vital systems outside the government, including hospitals.
Meanwhile the Communications Security Establishment, a Canadian intelligence agency, said in a statement Saturday that the federal government's computer networks do not appear to have been affected by the attack.
'You click on it, and bingo'
Attacks like this one happen when a type of software seizes control of a computer, encrypting its contents and rendering them inaccessible.
"The vehicle that the malware going from one device to the other is spam. The most common way that they do that is via a link in an email," said Atty Mashatan, a professor at Ryerson University's School of Information Technology Management.
"It looks as if it's from someone you know, in your contacts. You click on it, and bingo. The actual malware, the file, is downloaded."
The perpetrators then demand hundreds or thousands of dollars to unlock the victims' computers — essentially holding the documents, photos and other items on the computer for ransom.
"This one wasn't really a targeted attack at all," Mashatan said. "They usually run this campaign and hope to infect as many devices as they can."
She said it's important for everyday people to remain vigilant to prevent these attacks from spreading.
People should keep their computers' operating systems up-to-date, she said, because the latest updates often patch up security holes. People should also avoid clicking on suspicious links.
With files from the Canadian Press, Associated Press, CBC News Network