Canadian Healthcare Technology Logo
  • Issues
    • Current Print Issue
    • Print Archive
  • Advertise
    • Publishing Schedule
    • Circulation
    • Unit Sizes and Rates
    • Mechanical Requirements
    • Electronic Advertising
    • White Papers
  • Subscribe
    • Print Edition
    • e-Messenger
    • White Papers
  • Events
  • Vendors
  • About Us

Enovacom MHI

Enovacom MHI

Cisco Virtual Telehealth 1400×150

Cisco Virtual Telehealth 1400x150

Privacy & Security

Norfolk, Ont. hospital hit by ransomware

March 23, 2016


RansomwareSIMCOE, Ont. – The website of the Norfolk General Hospital, in Simcoe, Ont., was recently breached and was potentially distributing ransomware to visitors, according to Malwarebytes, a major provider of internet security software.

“We believe the public website was breached and was serving ransomware,” said Jerome Segura, a Victoria, B.C.-based senior researcher with Malwarebytes.

Alerted to the intrusion by its own monitoring systems, California-based Malwarebytes then analyzed the Norfolk site and found it was using an outdated version of a content management software system called Joomla – which could leave it vulnerable to hackers.

“A lot of organizations do this,” said Segura. “They build a website, then forget about updates and upgrades.”

In an explanation posted by Malwarebytes in a blog, the company wrote:

“Our honeypots visited the hospital page and got infected with ransomware via the Angler exploit kit. A closer look at the packet capture revealed that malicious code leading to the exploit kit was injected directly into the site’s source code itself.

“The particular strain of ransomware dropped here is TeslaCrypt which demands $500 to recover your personal files it has encrypted. That payment doubles after a week.”

For its part, hospital spokesman Gerry Hamill told the Financial Post newspaper that, “The IT team at Norfolk General Hospital, along with our internet provider and web designer, reacted quickly to any website issue that had occurred.” He added that, “NGH is confident that our site is safe for visitors. No patient information was ever at risk.”

Spurred by the Norfolk incident, Malwarebytes began conducting analytics of ransomware attacks in Canada and found the cities most affected are:

  1. Toronto
  2. Ottawa
  3. Montreal
  4. Markham
  5. Calgary
  6. Vancouver
  7. London
  8. Edmonton
  9. Winnipeg
  10. Saint Catharines

According to Malwarebytes, a large number of websites are running outdated server-side software, especially WordPress and Joomla. Along with malvertising, in which online ads are seeded with dangerous code, hacked websites are the largest vehicle for new malware infections.

As Malwarebytes says in its blog, “Common reasons for not updating a website include lack of resources, fear of breaking existing applications or simply forgetting to keep up with security patches.

“The truth of the matter is that any outdated or poorly secured website is simply a sitting duck waiting to be taken over via automated scanners before getting leveraged for spam, phishing or malicious redirections, just to name a few.”

The company provided some useful advice:

  • Back up your files at least once a week and if possible keep those backups on an external media.
  • Prevent infections by using proper security hygiene and multiple layers of defense.

“You have to be proactive,” said Segura. “You can’t wait until you are hit by ransomware, because then it’s game over.”

PreviousNext

WP 900×150

WP 900x150

News and Trends

  • New system eases clinical communication at Michael Garron
  • Quebec continues leadership in PET/CT
  • BC launches new form of virtual care for chronic care patients
  • Machine learning makes progress in care at Ontario hospitals
  • Mackenzie Health becomes a leader in digital pathology
More from the Print Edition

Subscribe

Subscribe

Free of charge to Canadian hospital managers and executives in nursing homes and home-care organizations. Learn More

Follow us on Social Media!

Follow us on Social Media!

CHT blasts 200×400

CHT blasts 200x400

Advertise with us

Advertise with us

Ampronix

Ampronix

Dapasoft CVC

Dapasoft CVC

Mohawk College (1)

Mohawk College (1)

WP 900×150

WP 900x150

Advertise with us

Advertise with us

Ampronix

Ampronix

Dapasoft CVC

Dapasoft CVC

Mohawk College (1)

Mohawk College (1)

Contact Us

Canadian Healthcare Technology
1118 Centre Street, Suite 207
Thornhill, Ontario, Canada L4J 7R9
Tel: 905-709-2330
Fax: 905-709-2258
info2@canhealth.com

  • Quick Links
    • Current Print Issue
    • Print Archive
    • Events
    • Vendors
    • About Us
  • Advertise
    • Publishing Schedule
    • Circulation
    • Unit Sizes and Rates
    • Mechanical Requirements
    • Electronic Advertising
    • White Papers
  • Subscribe
    • Print Edition
    • e-Messenger
    • White Papers
  • Resources
    • White Papers
    • Writers’ Guidelines
    • Privacy Policy
  • Topics
    • Administrative Solutions
    • Clinical Solutions
    • Companies
    • Continuing Care
    • Diagnostics
    • Education & Training
  •  
    • Electronic Records
    • Government & Policy
    • Infrastructure
    • Innovation
    • People
    • Privacy and Security

© 2021 Canadian Healthcare Technology

The content of Canadian Healthcare Technology is subject to copyright. Reproduction in whole or in part without prior written permission is strictly prohibited. Send all requests for permission to Jerry Zeidenberg, Publisher.

Search Site

Error: Enter a search term

  • Issues
    • Current Print Issue
    • Print Archive
  • Advertise
    • Publishing Schedule
    • Circulation
    • Unit Sizes and Rates
    • Mechanical Requirements
    • Electronic Advertising
    • White Papers
  • Subscribe
    • Print Edition
    • e-Messenger
    • White Papers
  • Events
  • Vendors
  • About Us