top of page
Writer's pictureDGT Cyber Blog

Strengthening Canada's Health-Care Cybersecurity

As cyberattacks on health-care systems in Canada continue to rise, experts are urging the adoption of enhanced security practices to safeguard sensitive patient information and critical infrastructure. According to a recent article in the Canadian Medical Association Journal (CMAJ), at least 14 major cyberattacks have targeted Canadian health information systems since 2015, underscoring the urgent need for robust cybersecurity measures.


The most recent incident involved a ransomware attack on five Ontario hospitals and their shared IT provider, causing disruptions to online services and necessitating the postponement of surgeries and appointments. In May, another significant cybersecurity breach compromised the personal health information of 3.4 million individuals seeking pregnancy care and advice in Ontario.


Canada currently ranks 10th globally in breach count, with more than 207.4 million compromised accounts since 2004, highlighting the severity of the cybersecurity landscape. The Canadian Centre for Cyber Security has warned of ongoing threats to critical infrastructure, including health organizations, over the next two years.


The authors of the CMAJ article, hailing from the University of Toronto, Unity Health Toronto, and the University of British Columbia, emphasize the need for improved security practices in the health-care sector. Health organizations, considered "financially lucrative" targets, often rely on outdated systems, making them vulnerable to cyberattacks.


To mitigate cyber threats, the article suggests four key measures based on the U.S. National Institute of Standards and Technology:

  • Prevention Measures:

    • Install anti-virus and VPN software on devices.

    • Remain vigilant to phishing emails.

    • Set strong passwords and enable two-factor authentication.

  • Detection of Suspicious Activity:

    • Monitor for any suspicious behaviour such as pop-up messages, emails from unfamiliar senders, and unrecognized file installations or deletions.

    • Conduct regular antivirus and malware scans to detect potential threats.

  • Response to Cyberattacks:

    • In the event of a cyberattack, disconnect affected machines from the internet.

    • Shut down affected machines to prevent further damage.

While the federal government has introduced legislation to empower Ottawa with new powers for critical infrastructure protection, including telecommunications, pipelines, nuclear energy, federally regulated transportation, and banking, health organizations are not explicitly covered. The proposed legislation, known as Bill C-26, has yet to be considered in committee.


The CMAJ article emphasizes the need for greater coordination between the federal government, provinces, and territories to establish common security standards and shared service models, creating a united front against evolving cyber threats.

In the face of escalating cyber threats in the health-care sector, Directpath Global Technologies Inc. offers advanced cybersecurity solutions tailored to fortify digital infrastructure. Explore our comprehensive services, including:

  • Vulnerability Risk Management as a Service (VRMaaS):

    • Proactive identification and mitigation of vulnerabilities.

  • Vulnerability Assessment and Penetration Testing (VAPT):

    • Real-world cyber attack simulations to uncover and strengthen potential weaknesses.

  • Extended Detection and Response (XDR):

    • Real-time threat detection, investigation, and response.

  • Web Application Firewall (WAF):

    • Ensuring the security of web applications against a range of online threats.

Partner with Directpath Global Technologies Inc. to enhance the cybersecurity resilience of health organizations across Canada. Connect with us to learn more about our cutting-edge cybersecurity solutions. Together, let's build a secure digital future for Canada's health-care system.

3 views0 comments

Comments


bottom of page