Home > News > Top Stories > Reeling from Ransomware Attack, eHealth Saskatchewan Says Restructuring IT Infrastructure

Reeling from Ransomware Attack, eHealth Saskatchewan Says Restructuring IT Infrastructure

  • Five months after a ransomware attack locked the computer systems storing eHealth Saskatchewan says it’s going to take a while to restructure its IT infrastructure.

  • It wasn��t long after the agency’s IT team discovered files from some of its servers had been sent to suspicious IP addresses.

  • Additional steps taken to protect its computer systems better since the initial attack include updating password protocols, updated protection software.


Five months after a ransomware attack locked the computer systems storing confidential medical data of Saskatchewan residents, eHealth Saskatchewan says it’s going to take a while to restructure its IT infrastructure, and that it’s still unsure who stole the data or where it is. The health agency’s chief executive officer Jim Hornell confirmed in February that the virus first entered the eHealth system on December 20, 2019. Employees didn’t discover there was a problem until they tried to open files on Jan. 6 and were asked to hand over bitcoin in exchange for the encrypted data.


As we outlined publicly in early February, eHealth discovered some files were sent to IP addresses outside of eHealth’s environment. Those files were encrypted and password protected by the attacker. This makes it difficult to determine the exact content of those files,” wrote Ian Hanna, director of communications for eHealth Saskatchewan in an email to IT Word. “Longer-term work on re-organizing and restructuring eHealth’s IT architecture will continue for several more months.



Read more: COMPARING SIX LEADING CONVERGED INFRASTRUCTURE VENDORS' PRODUCT

eHealth Saskatchewan in an email to IT Word. “Longer-term work on re-organizing and restructuring eHealth’s IT architecture will continue for several more months.

~ Ian Hanna, director communications eHealth Saskatchewan


Law enforcement and privacy officials have been kept up-to-date on the forensic investigation, wrote Hanna. He also confirmed that eHealth had hired outside help to determine if any files were illegally sold. As of now, no trace of such activity has been found. The agency’s website says, should it be determined that personal health information has left the organization, the public will be advised.


Additional steps taken to protect its computer systems better since the initial attack include updating password protocols, updated protection software the introduction of multi-factor authentication for crucial systems, added Hanna. There was a total lack of visibility of the health agency’s computer network, according to David Masson, director of enterprise security at Darktrace. Unfortunately, it’s a common problem with many companies, he said.


It’s too late to really do much once you discover there’s a problem because by then, the damage is done, One of the other disturbing details of the attack against eHealth Saskatchewan.


With eHealth, there was never any ransom paid, but we’ve seen that the data has left [the data centre] and turned up in various other places,” said Masson. When it comes to action items on the part of residents whose data might be compromised, Masson suggested additional vigilance. Be wary of strange emails, text messages and phone calls. And it doesn’t hurt to check bank statements every once in a while, he added.


One of the other disturbing details of the attack against eHealth Saskatchewan is how files from some of its servers had been sent to suspicious IP addresses, he indicated. This could reflect a more sophisticated ransomware attack akin to the one that crushed an agricultural services company earlier in June. In that case, a website called “Happy Blog” run by threat group dubbed REvil auctioned off data it says was stolen from a London, Ont., company that offers crop advisory and protection services. The auction notice said the data available included accounting documents and customer accounts for the last three months.


Read more: HELIX TECHNOLOGIES BREAKS GROUND IN DATA ANALYTICS FOR CANNABIS PRODUCTION, UNVEILS BI TOOL

Spotlight

More featured news

Spotlight

Related News

Application Infrastructure

dxFeed Launches Market Data IaaS Project for Tradu, Assumes Infrastructure and Data Provision Responsibilities

PR Newswire | January 25, 2024

dxFeed, a global leader in data solutions and index management for the financial industry, announces the launch of an Infrastructure as a Service (IaaS) project for Tradu, an advanced multi-asset trading platform catering to active traders and investors. In this venture, dxFeed manages the crucial aspects of infrastructure and data provision for Tradu. As an award-winning IaaS provider (the Best Infrastructure Provider by the Sell-Side Technology Awards 2023), dxFeed is poised to address all technical challenges related to market data delivery to hundreds of thousands of end users, allowing Tradu to focus on its core business objectives. Users worldwide can seamlessly connect to Tradu's platform, receiving authorization tokens for access to high-quality market data from the EU, US, Hong Kong, and Australian Exchanges. This approach eliminates the complexities and bottlenecks associated with building, maintaining, and scaling the infrastructure required for such extensive global data access. dxFeed's scalable low latency infrastructure ensures the delivery of consolidated and top-notch market data from diverse sources to the clients located in Asia, Americas and Europe. With the ability to rapidly reconfigure and accommodate the growing performance demands, dxFeed is equipped to serve hundreds of thousands of concurrent clients, with the potential to scale the solution even further in order to meet the constantly growing demand, at the same time providing a seamless and reliable experience. One of the highlights of this collaboration is the introduction of brand-new data feed services exclusively for Tradu's Stocks platform. This proprietary solution enhances Tradu's offerings and demonstrates dxFeed's commitment to delivering tailored and innovative solutions. Tradu also benefits from dxFeed's Stocks Radar—a comprehensive technical and fundamental market analysis solution. This Software as a Service (SaaS) seamlessly integrates with infrastructure, offering added value to traders and investors by simplifying complex analytical tasks. Moreover, Tradu leverages the advantages of dxFeed's composite feed (the winner at The Technical Analyst Awards). This accolade reinforces dxFeed's commitment to delivering excellence in data provision, further solidifying Tradu's position as a global leader in online foreign exchange. "When we were thinking of our new sophisticated multi-asset trading platform for the active trader and investors we met with the necessity of expanding instrument and user numbers. We realized we needed a highly competent, professional team to deploy the infrastructure, taking into account the peculiarities of our processes and services," said Brendan Callan, CEO of Tradu. "On the one hand, it allows our clients to receive quality consolidating data from multiple sources. On the other hand, as a leading global provider of online foreign exchange, we can dispose of dxFeed's geo-scalable infrastructure and perform rapid reconfiguration to meet growing performance demands to provide data to hundreds of thousands of our clients around the globe." "The range of businesses finding the Market Data IaaS (Infrastructure as a Service) model appealing continues to expand. This approach is gaining traction among various enterprises, from agile startups seeking rapid development to established, prominent brands acknowledging the strategic benefits of delegating market data infrastructure to specialized firms," said Oleg Solodukhin, CEO of dxFeed. By taking on the responsibilities of infrastructure and data provision, dxFeed empowers Tradu to focus on innovation and client satisfaction, setting the stage for a transformative journey in the dynamic world of financial trading. About dxFeed dxFeed is a leading market data and services provider and calculation agent for the capital markets industry. According to the WatersTechnology 2022 IMD & IRD awards honors, it's the "Most Innovative Market Data Project." dxFeed focuses primarily on delivering financial information and services to buy- and sell-side institutions in global markets, both traditional and crypto. That includes brokerages, prop traders, exchanges, individuals (traders, quants, and portfolio managers), and academia (educational institutions and researchers). Follow us on Twitter, Facebook, and LinkedIn. Contact dxFeed: pr@dxfeed.com About Tradu Tradu is headquartered in London with offices around the world. The global Tradu team speaks more than two dozen languages and prides itself on its responsive and helpful client support. Stratos also operates FXCM, an FX and CFD platform founded in 1999. Stratos will continue to offer FXCM services alongside Tradu's multi-asset platform.

Read More

Application Infrastructure

dxFeed Launches Market Data IaaS Project for Tradu, Assumes Infrastructure and Data Provision Responsibilities

PR Newswire | January 25, 2024

dxFeed, a global leader in data solutions and index management for the financial industry, announces the launch of an Infrastructure as a Service (IaaS) project for Tradu, an advanced multi-asset trading platform catering to active traders and investors. In this venture, dxFeed manages the crucial aspects of infrastructure and data provision for Tradu. As an award-winning IaaS provider (the Best Infrastructure Provider by the Sell-Side Technology Awards 2023), dxFeed is poised to address all technical challenges related to market data delivery to hundreds of thousands of end users, allowing Tradu to focus on its core business objectives. Users worldwide can seamlessly connect to Tradu's platform, receiving authorization tokens for access to high-quality market data from the EU, US, Hong Kong, and Australian Exchanges. This approach eliminates the complexities and bottlenecks associated with building, maintaining, and scaling the infrastructure required for such extensive global data access. dxFeed's scalable low latency infrastructure ensures the delivery of consolidated and top-notch market data from diverse sources to the clients located in Asia, Americas and Europe. With the ability to rapidly reconfigure and accommodate the growing performance demands, dxFeed is equipped to serve hundreds of thousands of concurrent clients, with the potential to scale the solution even further in order to meet the constantly growing demand, at the same time providing a seamless and reliable experience. One of the highlights of this collaboration is the introduction of brand-new data feed services exclusively for Tradu's Stocks platform. This proprietary solution enhances Tradu's offerings and demonstrates dxFeed's commitment to delivering tailored and innovative solutions. Tradu also benefits from dxFeed's Stocks Radar—a comprehensive technical and fundamental market analysis solution. This Software as a Service (SaaS) seamlessly integrates with infrastructure, offering added value to traders and investors by simplifying complex analytical tasks. Moreover, Tradu leverages the advantages of dxFeed's composite feed (the winner at The Technical Analyst Awards). This accolade reinforces dxFeed's commitment to delivering excellence in data provision, further solidifying Tradu's position as a global leader in online foreign exchange. "When we were thinking of our new sophisticated multi-asset trading platform for the active trader and investors we met with the necessity of expanding instrument and user numbers. We realized we needed a highly competent, professional team to deploy the infrastructure, taking into account the peculiarities of our processes and services," said Brendan Callan, CEO of Tradu. "On the one hand, it allows our clients to receive quality consolidating data from multiple sources. On the other hand, as a leading global provider of online foreign exchange, we can dispose of dxFeed's geo-scalable infrastructure and perform rapid reconfiguration to meet growing performance demands to provide data to hundreds of thousands of our clients around the globe." "The range of businesses finding the Market Data IaaS (Infrastructure as a Service) model appealing continues to expand. This approach is gaining traction among various enterprises, from agile startups seeking rapid development to established, prominent brands acknowledging the strategic benefits of delegating market data infrastructure to specialized firms," said Oleg Solodukhin, CEO of dxFeed. By taking on the responsibilities of infrastructure and data provision, dxFeed empowers Tradu to focus on innovation and client satisfaction, setting the stage for a transformative journey in the dynamic world of financial trading. About dxFeed dxFeed is a leading market data and services provider and calculation agent for the capital markets industry. According to the WatersTechnology 2022 IMD & IRD awards honors, it's the "Most Innovative Market Data Project." dxFeed focuses primarily on delivering financial information and services to buy- and sell-side institutions in global markets, both traditional and crypto. That includes brokerages, prop traders, exchanges, individuals (traders, quants, and portfolio managers), and academia (educational institutions and researchers). Follow us on Twitter, Facebook, and LinkedIn. Contact dxFeed: pr@dxfeed.com About Tradu Tradu is headquartered in London with offices around the world. The global Tradu team speaks more than two dozen languages and prides itself on its responsive and helpful client support. Stratos also operates FXCM, an FX and CFD platform founded in 1999. Stratos will continue to offer FXCM services alongside Tradu's multi-asset platform.

Read More

More featured news