Reeling from Ransomware Attack, eHealth Saskatchewan Says Restructuring IT Infrastructure

eHealth Saskatchewan | June 12, 2020

  • Five months after a ransomware attack locked the computer systems storing eHealth Saskatchewan says it’s going to take a while to restructure its IT infrastructure.

  • It wasn��t long after the agency’s IT team discovered files from some of its servers had been sent to suspicious IP addresses.

  • Additional steps taken to protect its computer systems better since the initial attack include updating password protocols, updated protection software.


Five months after a ransomware attack locked the computer systems storing confidential medical data of Saskatchewan residents, eHealth Saskatchewan says it’s going to take a while to restructure its IT infrastructure, and that it’s still unsure who stole the data or where it is. The health agency’s chief executive officer Jim Hornell confirmed in February that the virus first entered the eHealth system on December 20, 2019. Employees didn’t discover there was a problem until they tried to open files on Jan. 6 and were asked to hand over bitcoin in exchange for the encrypted data.


As we outlined publicly in early February, eHealth discovered some files were sent to IP addresses outside of eHealth’s environment. Those files were encrypted and password protected by the attacker. This makes it difficult to determine the exact content of those files,” wrote Ian Hanna, director of communications for eHealth Saskatchewan in an email to IT Word. “Longer-term work on re-organizing and restructuring eHealth’s IT architecture will continue for several more months.



Read more: COMPARING SIX LEADING CONVERGED INFRASTRUCTURE VENDORS' PRODUCT

eHealth Saskatchewan in an email to IT Word. “Longer-term work on re-organizing and restructuring eHealth’s IT architecture will continue for several more months.

~ Ian Hanna, director communications eHealth Saskatchewan


Law enforcement and privacy officials have been kept up-to-date on the forensic investigation, wrote Hanna. He also confirmed that eHealth had hired outside help to determine if any files were illegally sold. As of now, no trace of such activity has been found. The agency’s website says, should it be determined that personal health information has left the organization, the public will be advised.


Additional steps taken to protect its computer systems better since the initial attack include updating password protocols, updated protection software the introduction of multi-factor authentication for crucial systems, added Hanna. There was a total lack of visibility of the health agency’s computer network, according to David Masson, director of enterprise security at Darktrace. Unfortunately, it’s a common problem with many companies, he said.


It’s too late to really do much once you discover there’s a problem because by then, the damage is done, One of the other disturbing details of the attack against eHealth Saskatchewan.


With eHealth, there was never any ransom paid, but we’ve seen that the data has left [the data centre] and turned up in various other places,” said Masson. When it comes to action items on the part of residents whose data might be compromised, Masson suggested additional vigilance. Be wary of strange emails, text messages and phone calls. And it doesn’t hurt to check bank statements every once in a while, he added.


One of the other disturbing details of the attack against eHealth Saskatchewan is how files from some of its servers had been sent to suspicious IP addresses, he indicated. This could reflect a more sophisticated ransomware attack akin to the one that crushed an agricultural services company earlier in June. In that case, a website called “Happy Blog” run by threat group dubbed REvil auctioned off data it says was stolen from a London, Ont., company that offers crop advisory and protection services. The auction notice said the data available included accounting documents and customer accounts for the last three months.


Read more: HELIX TECHNOLOGIES BREAKS GROUND IN DATA ANALYTICS FOR CANNABIS PRODUCTION, UNVEILS BI TOOL

Spotlight

With digital map, creating ultimate O&M experience for multi-cloud, multi-vendor heterogeneous networks, enabling significantly better capabilities, efficiency, and experiences.

Spotlight

With digital map, creating ultimate O&M experience for multi-cloud, multi-vendor heterogeneous networks, enabling significantly better capabilities, efficiency, and experiences.

Related News

HYPER-CONVERGED INFRASTRUCTURE, APPLICATION STORAGE

Axelera AI and Advantech to Bring the Inference Power of the Cloud to Edge Devices

Axelera AI | March 09, 2023

On March 08, 2023, Axelera AI and Advantech declare their strategic alliance as the world's most powerful and advanced solutions supplier for AI at the Edge. Advantech, a leader in embedded and industrial PCs, and Axelera AI, a leader in edge AI technology, have partnered to bring the inference capability of a data center to edge devices, allowing customers to process data in real time while decreasing latency and increasing productivity. In just a a span of 18 months, Axelera AI: Taped out 2 chips, Introduced next-generation Metis AI software and hardware platform, Raised USD funding of $37ml and Grew a team of more than 100+ game-changers – (40 PhDs in 12 European countries.) Fabrizio Del Maffeo, CEO of Axelera AI, stated, "We are excited to showcase our progress in building next-generation computer vision products. The partnership with Advantech underpins the magnitude of what our Metis AI platform delivers and we are honored to partner with them. As we grow, we're seeking talented people to join our team and develop the future of Edge AI." (Source – BusinessWire) During Embedded World, Axelera AI will display its latest offerings, which can be purchased in a variety of M.2 modules and vision-ready systems, as well as other industry-standard form factors. Metis AIPU technology and the intuitive Voyager SDK software stack combine to provide high-powered processing performance at a fraction of the price and power consumption of existing alternatives. About Axelera AI Axelera AI, which is providing the world’s most powerful and advanced solutions for AI at the edge, is developing a game-changing hardware and software platform for AI. Axelera AI has research and development facilities in Belgium, Switzerland, and Italy, in addition to its headquarters in the AI Innovation Center on the High Tech Park in Eindhoven. Its software and hardware professionals in artificial intelligence are recruited from leading AI businesses and Fortune 500 organizations

Read More

HYPER-CONVERGED INFRASTRUCTURE,APPLICATION INFRASTRUCTURE

NTT DATA Business Solutions Deploys Aviatrix’s Business-Critical Cloud Networking Infrastructure

Aviatrix | January 12, 2023

Pioneers of Intelligent Cloud Networking, Aviatrix, recently announced that NTT DATA Business Solutions has implemented the Aviatrix Cloud Networking Platform as the core technology for Cloud Network-as-a-Service (NaaS). Due to the multicloud constraints of native service providers regarding security, visibility and networking, NTT DATA Business Solutions uses Aviatrix to provide business-critical SAP application services for its enterprise customers. As part of the NTT Data Group and global strategic partner of SAP, NTT DATA Business Solutions provides turnkey implementation from advisory to managed services, to enhance SAP solutions for enterprises. NTT Business Solutions’ partnership with Aviatrix will help them to deliver cloud NaaS to support enterprise SAP deployments. Aviatrix Cloud Networking Platform provides service providers with the cutting-edge networking, security, and operational visibility they need to support mission-critical applications, whether private, managing multiple internal corporate lines of business, or public, managing external customers. Cloud consumers frequently view cloud networking as transparent, but infrastructure operations teams are aware that to provide application uptime, response times, and agility that business units and customers demand from cloud services, specialized knowledge and technology are crucial. Nauman Mustafa, Vice President of Business Development and Global Service Provider Partners at Aviatrix, said, "Multicloud networking is fundamental to enterprise cloud infrastructure today," said. He further added, "NTT DATA Business Solutions is a globally recognized solution provider, delivering proven solutions for business-critical enterprise SAP applications in the cloud. It has been a pleasure working with our partners at NTT DATA Business Solutions to architect, deploy, and operate their cloud NaaS infrastructure in support of their Intelligent Enterprise SAP services." (Source: PR Newswire) About Aviatrix Aviatrix Intelligent Cloud Networking pioneer, Aviatrix, provides multicloud networking software to deliver a simplified enterprise-grade model for cloud service providers. Its solutions optimize business-critical application performance, availability, cost and security, and when combined with its very own Aviatrix Certified Engineer (ACE) program, the industry’s first and only multicloud networking certification, innovative companies can transform their business by upgrading their cloud networking with Aviatrix.

Read More

HYPER-CONVERGED INFRASTRUCTURE

euNetworks Expands Dark Fiber Network in Belgium via Acquisition

euNetworks | March 14, 2023

euNetworks Group Limited, a company that provides bandwidth infrastructure in Western Europe, recently announced its acquisition of the dark fiber business branch of a utility company called ‘the Business Branch’ in Belgium.The Business Branch, constructed in the late 1990s, is a duct-based network with 1,660 km of fiber dispersed throughout unique Brussels routes and long haul routes across Belgium. It has access to additional high-bandwidth sites and is close to 13 data centers. Customers from national and regional ISPs to content, cloud providers, mobile network operators, and hyperscalers will receive dark fiber and lit services through euNetworks' long-haul infrastructure. The recent upgrade underwent increased expansion capacity and ability to pull the new, higher-count cable, satisfying euNetworks' client bandwidth growth needs. Paula Cogan, Chief Executive Officer of euNetworks remarked, “euNetworks continues to distinguish itself in the digital infrastructure ecosystem, delivering critical internet infrastructure to customers through an asset-rich business focused on developing and deepening its fibre networks in Europe.” She added, “This acquisition will strengthen euNetworks’ leadership in European infrastructure by enabling us to expand across Belgium while maintaining our focus on delivering unique and scalable network routes to our customers between key data centres. It also presents compelling investment opportunities as we look into adjacent geographies with our customers to give them an end-to-end experience and as we focus on the ongoing densification of the high-demand bandwidth region of FLAP (Frankfurt, London, Amsterdam and Paris).” (Source – Business Wire) The inclusion of the Business Branch complements euNetworks' current approach. euNetworks is committed to providing high-bandwidth fiber connectivity within and between European cities, constantly improving its infrastructure. These improvements include creating new routes, adding new paths, and expanding into key hyperscale data center sites, network aggregation points and data center clusters. These investments drive the capacity needs of euNetworks' customers and fuel the company's expansion. About euNetworks euNetworks was started in 2002 and has been serving wholesale, finance, content, media, mobile, data centers, and enterprise customers with critical bandwidth infrastructure services. The company owns and runs 17 fiber-based metropolitan networks and a high-capacity intercity backbone that connect 53 cities in 17 European countries. euNetworks offers a range of metropolitan and long-haul services, including Dark Fiber, Ethernet and Wavelengths and is a leading cloud connectivity provider.

Read More