June 16, 2024

Cool Rabbits

Healthcare Enthusiast

Work continues one year after eHealth cyberattack report

“This is just going to happen more and more and more. It’s kind of a cat and a mouse game.”

Article content

More than a year has passed since Saskatchewan Information and Privacy Commissioner Ron Kruzeniski released a report on the most damaging cyber attack in Saskatchewan’s history.


Article content

Hackers paralyzed the province’s health system, potentially accessing millions of files, thousands of which contained the personal health information of Saskatchewan citizens.

To this day, it’s unclear exactly what was taken.

Kruzeniski said the report should serve as a reminder and warning that such attacks — when cyber criminals try to access personal information for the purposes of blackmail and fraud — are becoming more and more common.

“It’s hard for me to envisage a more significant investigation in Saskatchewan,” he said.

The attack began in December, 2020 when an unsuspecting Saskatchewan Health Authority employee opened a Microsoft Word document on a personal device while it was connected to a work computer.

That opened the gate for a ransomware attack on the entire health system. More than two weeks later, hackers revealed their presence by holding the files ransom. At that point, eHealth Saskatchewan later estimated more than 50 million files could have been compromised.

Kruzeniski’s report found eHealth, a Crown treasury board that runs the province’s health infrastructure, missed multiple opportunities to find and halt the hack.

In the resulting fallout, Health Minister Paul Merriman replaced the entire board of the organization with two ministry officials. He accepted almost all of Kruzeniski’s two dozen recommendations, which the organization said it has been chipping away at and reporting on to the commissioner on a quarterly basis.


Article content

Lorri Thacyk, director of communications for eHealth, said scanning of the dark web in search of stolen files found no evidence hackers were seeking to sell the information for profit. She also wrote that the Saskatchewan Health Authority and Ministry of Health had “intensified” cyber security training for staff. They later confirmed that the pass mark for cybersecurity training for employees had been increased from 70 per cent to 90 per cent.

They also confirmed eHealth was working on a recommendation to “undertake a comprehensive review of its security protocols to include in depth investigation when early signs of suspicious activity are detected.”

Ministry of Health spokeswoman Jennifer Graham wrote there are no immediate plans to replace the two senior ministry staff serving as board members.

Instead of a formal governance review, Graham wrote the ministry would make changes at the board level, make improvements in oversight and appoint a new CEO after CEO Jim Hornell left the organization in June.

Kruzeniski said he is satisfied with the pace of change given the constraints the COVID-19 pandemic has put on such work.

“How do you train thousands of people quickly? I have to accept that can’t happen overnight,” he said.

He hopes the organization’s new CEO will address issues of culture at eHealth that were identified by a separate SaskTel report, he said. It found eHealth did not have the resourcing to fulfil its mandate and that instead of collaboration there were “pockets of power which are wielding that power to their own advantage to the detriment of the overall success of the eHealth mandate.”


Article content

“We need the leadership in place that will look at culture. You need a CEO that will walk the talk,” Kruzeniski said.

Governments should treat such cyber attacks not as an “if” but a “when,” he said, noting that his office recently received notice of a cyber attack against the Saskatchewan Liquor and Gaming Authority, for example.

“This is just going to happen more and more and more. It’s kind of a cat and a mouse game.”

[email protected]

The news seems to be flying at us faster all the time. From COVID-19 updates to politics and crime and everything in between, it can be hard to keep up. With that in mind, the Saskatoon StarPhoenix has created an Afternoon Headlines newsletter that can be delivered daily to your inbox to help make sure you are up to date with the most vital news of the day. Click here to subscribe.



Postmedia is committed to maintaining a lively but civil forum for discussion and encourage all readers to share their views on our articles. Comments may take up to an hour for moderation before appearing on the site. We ask you to keep your comments relevant and respectful. We have enabled email notifications—you will now receive an email if you receive a reply to your comment, there is an update to a comment thread you follow or if a user you follow comments. Visit our Community Guidelines for more information and details on how to adjust your email settings.