Stolen Sask. Health care information could fetch significant sums on dark web, expert says
Although the ransom requested by the program used in a cyberattack in 2020 hasn’t been paid, an IT expert believes that Saskatchewan residents aren’t out in the cold.
A report recently released by the Saskatchewan’s Information and Privacy Commissioner (IPC) states that around 547,000 of the files stolen by ransomware from provincial health care servers last January could have contained personal information.
That information is high levels and could fetch big money, as much as $1,000 USD per data that is available on the dark web.
“Health information is particularly lucrative on the dark web,” said the Dr. Alec Couros, world Market url a University of Regina Information and Communications Technologies professor.
“This information can provide a really long history and a lot of complete information, and typically goes for more money on the dark web as opposed to credit cards which actually go for very cheap.”
Couros states that health information could include addresses, names dates of birth, credit card details, health number, health conditions and more.
This can be used to do anything from blackmail to identity theft.
“The more full and complete this record can be the more damaging it can be to an individual,” Couros declared.
Couros stated that “fullz”, a term used to describe a document which includes all the required information necessary to identify an individual, may fetch as much as $1,000 USD through the dark web.
He said that if enough fullz can be created by this stolen information, that data could be worth millions dollar on the dark web in total.
Instigated by a Saskatchewan Health Authority (SHA) employee plugging a personal gadget into a computer in the latter part of 2019. The cyber attack could penetrate the connected digital infrastructure of the SHA, eHealth Saskatchewan and the Ministry of Health.
Around 40 gigabytes which is more than 5.5 million files were stolen in total.
They were also encrypted which made their content elusive. But using specific search techniques including searching for files that contain a 9-digit number, eHealth Saskatchewan was able to estimate that 547,145 files containing personal information or personal health data were stolen across the affected organizations.
The IPC’s report made 25 recommendations that address information security at the affected companies.
One of them was a request for eHealth to monitor the dark web for the stolen information for at minimum five years. His report reveals that, via SaskTel, eHealth Saskatchewan hired Hitachi Systems Security on January
On Friday Health Minister Paul Merriman promised to examine each suggestion individually, including the idea of dark web monitoring.
“We’re looking to see if anything comes up. And, if anything does occur, we’ll help any person who requires reassurance that their privacy isn’t violated, or that it isn’t being sold or isn’t the subject of identity theft,” Merriman said.
However, Couros said that because digital information can be endlessly duplicated, and the primary goal of the dark web is keeping its users in the dark, securing the activity of users is a huge order.
“What Tor (the open-source software used to access through the dark web) does, is it creates several layers of IP addresses so you don’t know exactly the location of the computer that is used to create the IP address. Once you’re there, everyone is anonymous and it’s very difficult to trace anyone,” he said.
He said that the majority of dark web transactions deal in crypto currencies like Monero and Bitcoin as well as Bitcoin, and there isn’t much an individual could do after losing this data to be able to retrieve it.
“That would make a transaction far more secure and discreet than, say an Western Union transaction. Thus, you’re completely anonymous. The money isn’t traceable. It makes it much easier to combat illegal goods. Even if you did find these digital products sold on the dark web, that doesn’t necessarily mean they’re not sold by many people.”