Staff at local hospital sites have been instructed not to open emails from unknown sources and to contact IT immediately if they’ve opened an email from an unknown source and suspect their system may have been compromised.
Huntsville Hospital’s computers were down for about two days last week, around the same time that a massive ransomware virus attacked networks on a global scale, including Britain’s National Health Service, healthcare providers in the U.S. and Lakeridge Health’s hospital in Oshawa. The attack was said to have been perpetrated via phishing emails containing the WannaCry virus, which targets Microsoft Windows operating systems locking out data and demanding a ransom to release it. A patch is said to have been released by Microsoft in March to combat the ransomware.
Muskoka Algonquin Health Care (MAHC) CEO Natalie Bubela, who manages both the Huntsville and Bracebridge hospitals, said the hospitals use an integrated IT system called Cerner, which is designed to automate health care processes. “The Cerner partnership did put the patches in place last week, in advance of anything happening at Lakeridge for instance or around the world,” explained Bubela, adding that as far as she’s aware the computer outage in Huntsville was unrelated to the cyber attacks reported last week. She said the outage was a little longer than usual and expects staff will be briefed on what went wrong and whether the back-up system worked appropriately. She also said the hospital sites have a protocol in place when the system is down. “That’s not uncommon to happen with computer systems. We just revert to paper and then you input the data afterwards,” she said.
According to Bubela, hospital CEOs were notified of the attack Friday evening.“The Minister of Health did set up a command centre and they did email all the CEO’s Friday evening, just to make sure that everyone was aware of it.” She said so far it appears local hospitals have not been impacted.
“Now these are sleeper type of viruses. That does not mean that other organizations, or us, aren’t vulnerable in the future. That’s why we’re taking additional action just to make sure that people are really paying attention to what they’re getting on their screen and we’ll be tightening our security even more based on recommendations that may be coming from the Ministry. “
Tammy Tkachuk with the Simcoe Muskoka Local Health Integration Newtork, which funds public health organizations in this area, said that as of Monday morning there were no reports of anyone being impacted in its catchment area. “As of this morning, we have not received any reports of our systems or computers being impacted by the WannaCry ransomware. Our Information Technology department remains in a heighten state of alert and readiness as our security monitoring tools continue to monitor our network and systems.”
Don’t miss out on Doppler! Sign up for our free, twice-weekly newsletter here.
I spent 45 years in corporate IT. A 2 day outage is an extremely rare event. Can you recall a bank, or an airline, who are totally dependent on IT being out of business for 2 days? 2 hours is a catastrophe and headline news.
Also, an IT system with a paper backup is a very rare occurrence, since IT enhances business to such an extent that reverting to a manual system would be unthinkable. The health industry is in the dark ages of IT in some areas it seems.
Hopefully we will hear the full story at a later time.