Officials from the Middlesex London Health Unit (MLHU) indicate it may take several weeks to figure out what caused a cybersecurity issue that led to the shutdown of many of its systems on Friday.
The health unit’s CEO Emily Williams had limited information to share during a media briefing on Monday but confirmed that an investigation is in progress and it’s not yet known if any patient data was affected.
“We take our role as stewards of sensitive information very seriously. We know that an event like this one, a cyber security incident is unsettling,” said Williams.
“The team is working hand in hand with cyber security experts, law enforcement and other agencies to understand what happened, reduce further risks and restore the services you expect from us.”
On Friday afternoon, the health unit released a statement saying it took some affected systems offline, including its regular phone lines and various software systems after discovering the security issue a day earlier. MLHU reported the incident to Ontario’s privacy commissioner and health ministry.
Several computer and phone systems were restored over the weekend, according to Williams, who noted that not all software systems are back online yet. MLHU is collaborating with cyber security experts from CFC Response and Norton Rose Fulbright, along with external legal counsel, said Williams.
![]()
Emily Williams is the MLHU’s chief executive officer. (Angela Mc Innes/CBC)
Williams did not confirm if this was a ransomware attack due to the sensitive nature of the ongoing inquiry. She also couldn’t provide estimates on how much the investigation and recovery efforts will cost since it’s still early in the process, she mentioned.
“We’re undergoing a thorough review and validation process to identify what if any data was impacted. If our investigation determines that there was any impact to personal data, we will reach out accordingly,” she said.
![]()
Aleksander Essex is an associate professor of software engineering at Western University. (Tiffany Mongu/CBC)
Essex suspects that MLHU will need to perform a “system scrub down” to detect and remove any malware present before conducting root cause analysis to determine how exactly this cybersecurity incident occurred.
Afterward, officials will likely need steps taken towards updating their defenses so future incidents can be prevented; however, prevention measures depend on understanding how significant the current cyber threat actually is, Essex added.
Williams stated that MLHU has a “series of robust tools” designed for monitoring potential threats but acknowledged that due to rapidly changing cyber threats, not every security incident can be avoided.
“As the investigation unfolds, we will continue working with our third-party cyber security experts to understand exactly how the incident occurred and ways in which we can build on any lessons learned,” she said.
Source link
Expert Says Local Services Face Tough Challenges
An organization’s risk for cyberattacks depends on its overall cybersecurity setup; however, smaller public entities like health units have an “asymmetrical disadvantage” when facing highly-skilled hackers, stated Aleksander Essex, a software engineering professor at Western University. He explained that small municipal organizations usually lack the advanced cyber protections available to federal agencies and added that forensic investigations for such incidents can run into hundreds of thousands of dollars. “Which is unfortunate because as a public institution, it’s already kind of stretched thin from a financial perspective and so this funding then goes into remediation instead of delivering health services,” he said. “My sympathy goes out to these municipal and local services who are fighting an uphill battle in the cyber landscape against people that are opportunistic and they either get lucky or they’re very sophisticated. It’s kind of an unfair fight.”Source link
