Vancouver Coastal Health fell victim to a cyberattack this spring, saying hackers used a ransomware program to hit a computer system used for its Employee and Family Assistance Program (EFAP), a counseling and wellness service for VCH workers. According to the health authority, the computer network hosting the EFAP was separate from VCH’s main system and being administered by an independent IT company at the time of the attack.
Here’s a couple of stories on this cyberattack.
The above is yet another example of the importance of reducing cyber vulnerability and level of risk in organizations and navigating the changing security environment.
David Masson, director of enterprise security for Darktrace had this to say:
Security teams in the healthcare sector need to be lucky all the time when defending hospitals and medical organizations, while threat actors only need to be lucky once. Threat actors specifically go after the healthcare industry because they expect to be able to exploit the industry’s duty and drive to provide a service for their patients. Oftentimes, hospital leaders will choose the quickest path back to restoring their services after an attack by paying the ransom. Unfortunately, attackers capitalize on this opportunity for ransom to be paid quickly and pay no mind to possible collateral damage.
This is a reminder that businesses need to be on guard when it comes to cybersecurity, and up their game when it comes to not being the next victim.