The CIUSSS West Central Montreal’s IT system was hacked—as was the STM’s—a deeper look at what happened and responses by both to the media
The CIUSSS du Center-Ouest-de-Île-de-Montréal has been the victim of a hacker attack. Healthcare facility has seen part of its network attacked with ransom ware, according to information obtained by the Bureau of Investigation. In particular, the appointment booking system is affected, stated an early press release.
This was their statement: “During the day-to-day review of our CIUSSS’s computer systems, we discovered a cyber security intrusion. At this time, we do not believe that information about patients or staff has been viewed,” wrote Lawrence Rosenberg, CEO of CIUSSS, in a memo to all employees. An investigation carried out by our experts is underway. We have also notified the MSSS of the situation, and are working with the ministry’s cyber security team,” he added.
The CIUSSS du Center-Ouest-de-Île-de-Montréal has 12,000 employees in 30 care centers. It serves nearly 350,000 people, mainly in Côte-Des-Neiges-Notre-Dame-De-Grâce, Westmount and Outremont. According to Dr. Michel de Marchie, the attack had no effect on hospital patients, including those in the COVID-19 unit at the Jewish General Hospital, part of the CIUSSS du Center-Ouest.
“They managed to avoid the worst. There is some software that we do not have access to, but that does not affect patient care,” says the specialist in internal medicine. The computer attack reportedly began on Wednesday evening.
As a preventive measure, some computer programs were inaccessible Thursday morning. These events come as several hospitals in North America have also been victims of cyber attacks since the start of the week. According to the Washington Post, in the past few days, six US hospitals, including New York and California, have been victims of Russian-origin ransom ware. Some hospitals have paid racks of up to $ 1 million to regain access to their data, the US daily said. The FBI even issued a warning to hospitals about the attack.
A Zoom press conference
Soon following the news, Dr. Rosenberg and others held a Zoom meeting which served as a press release. In it he stated: “A press briefing was certainly in order … we discovered an anomaly …” He said that no patient and staff info was compromised. To limit the risk they isolated info immediately and stated that they were “… an island disconnected from the internet.” They at the time were “trying to get to the bottom of this.”
All patients and residents were safe and were receiving care, he wanted to urge to one and all. The only challenges he said were in the form of communication—specifically the telephone system … because of what was found and their obvious disconnection. Also stated was that their file back-up was strong and up-to-date. No issues there. The overall feeling was one of reassurance, letting the community know that everything was okay despite the intrusion.
They were transferring data between offices on USB—people who were and are authorized to use them. Unencrypted data on USB and no one could get to them, Rosenberg stated.
What was interesting top note as well was that the fall-back position was paper. “Things may be slower, but everything’s continuing. In the hospital things are functioning like they did before … but there will be a delay.” He also stated when asked about other situations like this in the states and possible future issues, Rosenberg stated: “If someone’s determined to hack you, they’re gonna hack you. We have to be vigilant.”
There hasn’t been a ransom request, but only a cyber intrusion in the network. They are using personal cell phones rather than the phone system, or at least that was the case as soon as the attack occurred.
Francine Dupuis stated: “The fact that we found the problem early on is quite good.
A similar situation for the STM
Interestingly enough, the STM was also hacked a few weeks back—specifically on October 19th and as of the 24th, Global News reported that the STM was still investigating the attack with what looked like no leads. Many believe that this attack was similar to the attack on the CIUSSS, but no conclusions have been drawn as of press time. It was in this case that the hacker responsible demanded a 2.8 million dollar (USD) ransom to restore the network back to working order, contrary to the more recent hack where apparently no ransom was demanded.