Pirates are attacking hospitals

News 20 July, 2017
  • Photo archives, Ben Pelosse
    Several hospitals in the province have been affected by a computer virus, including the jewish general Hospital in Montreal.

    Carl Vaillancourt

    Thursday, 20 July 2017 06:30

    Thursday, 20 July 2017 06:30

    Look at this article

    More than 1000 computers in a fifty health-care institutions in Quebec have been infected by a computer virus since the 1st of July, which has forced hospitals to resume several tests, including medical imaging.

    The infestation of the worm ” Wannacry “, however, would have been able to do much more damage in the hospitals of the province if he had not had an update done a few weeks before the attack. At least nine of the 17 centres intégrés de santé du Québec have been affected.

    It has caused some delays in tests with patients, among other, in medical imaging. This virus did more damage in over a hundred countries in the world since mid-may.

    An employee who was working on one of the stations, which are infected and who requested anonymity said that he was forced to start several reviews since its imaging software medical knew of the problems due to the virus.

    “The camera would crash on a regular basis, then an error message appeared, which prevented to make the examination of the patient. We had to begin again “, she said.

    For the past few weeks, the company Siemens has been called to repair several medical imaging devices infected by the virus. According to the spokesperson of the company, Alastair Harris-Cartwright, it was of minor problems.


    The ministry of Health (MSSS) ensures that the confidentiality of medical records has been preserved. The virus, however, has caused several delays, and the waiting time was very annoying for several employees of the health system.

    This intrusion of the virus into several computer systems of the network of health occurs approximately six weeks after the massive wave of infected computers in the world by the virus, ” Wannacry “.

    Unlike many hospitals in Europe, the Québec stated that it had received no ransom demand to recover the information, because no data has been stolen, according to the MSSS.

    The spokesman for the ministry of Health and social Services of Québec, Marie-Claude Lacasse, describes the impacts as being minor, since the everything has been checked by the antivirus software.

    “The antivirus software led to the arrest of the worm at the source, without that it can sneak into the system,” said Lacasse.


    At the onset of the virus, “Wannacry” last may 10, the MINISTRY has sent a note to all members of the network to perform the updates of the antivirus software.

    “The update of our antivirus software has helped to thwart a cyber attack, it could have been more serious if we had not been far-sighted,” said Lacasse.

    This last has admitted that the health care network receives an average of 197 million malicious emails in a year and that the impact was minimal.

    “No appointment has been moved,” confirmed Sylvie Lamontagne, the CISSS du Bas-Saint-Laurent.


    Centers of integrated health and social services affected

    • Chaudière-Appalaches
    • Montérégie-East
    • Montérégie-Ouest
    • Capitale-Nationale
    • Gaspésie
    • Lanaudière
    • The Centre-West of the island of Montreal
    • North Shore
    • Bas-Saint-Laurent


    A new model of computer virus

    The quebec health care system has not been spared by the largest cyber attack ever seen, while between 1 and 17 July, several hospital centres, CLSCS, NURSING homes and rehabilitation centres or youth centres have been affected by the virus, ” Wannacry “.

    The peculiarity of the virus is that it uses both a worm and malicious software to lock files of the users and force then to pay a ransom of € 275 ($400 CDN) to recover the locked data. This ransom must be paid with bitcoins, a virtual currency hardly traceable.


    By chance, the province has been affected then that a virus had been installed, which prevented the pirates ask for a ransom and seize data on computers.

    “We haven’t had a ransom demand, said the spokesman of the ministry of Health and social Services of Québec, Marie-Claude Lacasse. Anyway, if this were to happen, the Department would not pay to recover the stolen data to attackers. “

    According to a professor specializing in security of computer systems at UQAM, Guy Bégin, there is a new business model developed by hackers.

    “They’re going to infect someone’s computer. Once the computer infected, they will encrypt the data and ask the user to pay to recover its data. If you want to recover your data, you have no other choice than to pay, he told. Why use a worm ? It is simple, it is this that spreads the better as the virus thanks to the internet. “

    A flaw

    The worm infiltrated computers due to a security vulnerability in a Windows product.

    This fault would have been disclosed at the time by the national Agency of american security (NSA). The american giant of the computer would have accused the NSA of having allowed these hackers to produce this scourge.

    Microsoft has made available the update to prevent the worm from entering in all of its software since last march.


    150 countries affected by a cyber attack

    • May 12 : The United States warned against a wave of cyber attacks in several countries of the world, using a software ransom, and have advised not to pay the hackers.
    • May 14 : The cyber-attack struck more than 200 000 people in 150 different countries in the space of 48 hours. It is feared that a ” cyberchaos “.
    • May 15 (AM) : Europol, the Office of european police, is working on a decrypting tool on the files affected by the virus to know the source.
    • May 15 (PM) : The company Microsoft accuses the national Agency of american security (NSA) have disclosed a security flaw on Windows products, which would be the source of the virus, ” Wannacry “.
    • 16 may : hospitals in England have resumed normal operation after having been infected by the cyber attack a few days earlier.
    • 28 June : A massive wave of cyber attacks in the rançongiciel of the same kind as that of the “Wannacry” hits the oil giant Russian Rosneft and the Ukrainian nuclear power plant Chernobyl. Merck became the first known target in the United States, since his system had been compromised.
    • 1 July : first attack software “Wannacry” is orchestrated on the computers of the health network in Quebec.
    • 17 July : The last attack listed in the health system occurred in the CISSS de Lanaudière : 57 computers have been the target of hackers.