A major health care provider in Ontario has had its detailed files on tens of thousands of patients breached by hackers now demanding a ransom.
How can this happen, and what can be done to prevent such attacks
Stephanie MacLellan is a specialist in internet governance and cybersecurity. She is a research associate at the Centre for International Governance Innovation,an independent, non-partisan think tank.Listen
CarePartners provides home care services on behalf of the Ontario government. The detailed files of some tens of thousands patients include detailed health records, phone numbers and addresses and in some cases apparently credit card information.
The hackers are demanding money to keep the information quiet, and said they will also tell the company how they did it. But this is no “white hat” hack to help a company shore up its defences, rather it is a deliberate blackmail case.
MacLellan says it is difficult to trace hackers who know how to hide their tracks and the very nature of the internet means they can be anywhere from next door, to half a world away.
Even in the rare scenario where a hacker can be found, there are very few international agreements for extradition or even trying to get charges laid in the particular country.
She says on an individual basis a few simple rules can help people protect themselves. As for government and industry, she says many governments are behind on this issue in terms of education and action, adding that some new tougher laws are called for as well as working toward better international cooperation.