Wed, April 24, 2024 at 9:35 AM EDT
Business
LifeLabs cyberattack one of 'several wake-up calls' for eHealth security and privacy – CBC.ca
The data breach of the Canadian laboratory testing company LifeLabs is one of “several wake-up calls” for security and privacy challenges that come with the push for a medical system in which eHealth plays a significant role.
“The medical field for us is one of the worst when it comes to cyber security practices,” said David Kennedy, cyber security expert and founder and CEO of TrustedSec, an information security consulting firm.
“What’s interesting about the large push for electronic patient health-care information that you put online is that a lot of these organizations are not designed to withstand attacks.”
Many health-care organizations and professionals are big advocates for eHealth. On its website, Heath Canada describes eHealth as “an essential element of health-care renewal,” which will “result in benefits to Canadians through improvements in system accessibility, quality and efficiency.”
The Electronic Health Record, for example, allows the sharing of necessary information between care providers across medical disciplines and institutions.
But on Monday, LifeLabs — Canada’s largest provider of general diagnostic and specialty laboratory testing services — announced that a cyberattack on its computer systems had forced the company to pay a ransom to retrieve the sensitive information of millions of customers.
LifeLabs president Charles Brown wrote that information related to about 15 million customers, mainly in British Columbia and Ontario, may have been accessed during the breach.
Other security breaches
And that attack was just the most recent breach in Canada. Just months ago, hackers crippled the computer systems of three Ontario hospitals.
Meanwhile, in Alberta, breaches have included the disappearance of an unencrypted hard drive containing the personal health information of 650 patients at the Mazankowski Alberta Heart Institute in August, and the inappropriate access of 2,158 electronic health records by Alberta Public Laboratories staff at the Red Deer Regional Hospital Centre earlier this year.
“We’ve probably had several wake-up calls, but it still seems like lots of folks are asleep at the wheel,” said Beau Woods, a cyber safety innovation fellow with the U.S. think-tank Atlantic Council.
Woods suggested it was troubling that Brown didn’t know whether or not the LifeLabs records were encrypted.
“Whether or not encrypted records would have protected the data in this case is to be seen,” he said. “The fact that the CEO, even after probably talking to IT can’t say whether the records are encrypted, says that there’s some kind of fundamental breakdown in governance.”
Hackers like to target hospitals and medical facilities, which are often on very tight IT budgets, said David Masson, director of enterprise security for Darktrace, a cyber AI company.
“They know they’ll be struggling to actually secure their IT networks. So they will see them as easy targets. And that’s why they go after them,” Masson said.
So security usually falls by the wayside in many cases for most organizations. Security ends up being a very small percentage if any in most hospitals, most health-care providers.– David Kennedy, founder and CEO of TrustedSec
One of the problems is that medical institutions see themselves solely as health-care providers, meaning IT security doesn’t get the focus it needs, TrustedSec’s Kennedy said.
“So security usually falls by the wayside in many cases for most organizations. Security ends up being a very small percentage if any in most hospitals, most health-care providers that we see out there today.”
Tom Keenan, a University of Calgary professor who specializes in cyber security and researched the issue of electronic health records, said not all hospitals are lax when it comes to IT security, and that it varies across Canada how well hospitals treat the issue.
While human error is often the weakest link, another factor, he said, is that people who build these systems also sell optional extras for security.
‘Take extra measures’
In one particular case he studied, the people who ran the health authority knew they had vulnerabilities and bought an extra auditing package, but never installed it.
“We can take extra measures,” he said. “We need to tighten things up.“
Despite the security issues, Keenan said there’s no need to pause when it comes to the push for eHealth, but just beef up security.
“We don’t want to slow it down. If anything, we want to speed it up,” he said. “Full steam ahead but with due regard to caution.”
“I trust my lab, but I would also like them to publish periodically [that they’ve] been audited by a third-party cyber security company.“
There’s a lot of cyber hygiene things that you could do that aren’t expensive — that actually can be less costly than not doing them.– Beau Woods, cyber security expert
As well, medical facilities should hire cyber security firms to conduct penetration tests, to determine the vulnerability of their system, he said.
Woods, the cyber security expert, said there are some simple remedies for medical facilities, like updating their software or having multi-factor authentication.
“There’s a lot of cyber hygiene things that you could do that aren’t expensive — that actually can be less costly than not doing them,” he said. “Not looking at cost of breaches and things like that, just operationally less costly and more secure.”
Sandy Buchman, president of the Canadian Medical Association, said he believes in terms of the human component of security, hospitals are making “extreme efforts” to protect patient privacy.
‘Breaks down trust’
But he said he understands how incidents like the LifeLabs data breach can shake a patient’s trust.
“It could be something way beyond a physician or hospital’s control, like these cyberattacks that are occurring, but it still breaks down trust in the overall system.
The medical community has to be diligent and press for the improvements needed in the security of personal health information, he said.
“We have to be better as a health-care community in demanding that. I’m not a cyber security expert. I know we can’t let off the pressure — to be pressing for this at all times in whatever ways are technologically possible.”
Continue Reading
Business
Oil Firms Doubtful Trans Mountain Pipeline Will Start Full Service by May 1st
|
Oil companies planning to ship crude on the expanded Trans Mountain pipeline in Canada are concerned that the project may not begin full service on May 1 but they would be nevertheless obligated to pay tolls from that date.
In a letter to the Canada Energy Regulator (CER), Suncor Energy and other shippers including BP and Marathon Petroleum have expressed doubts that Trans Mountain will start full service on May 1, as previously communicated, Reuters reports.
Trans Mountain Corporation, the government-owned entity that completed the pipeline construction, told Reuters in an email that line fill on the expanded pipeline would be completed in early May.
After a series of delays, cost overruns, and legal challenges, the expanded Trans Mountain oil pipeline will open for business on May 1, the company said early this month.
“The Commencement Date for commercial operation of the expanded system will be May 1, 2024. Trans Mountain anticipates providing service for all contracted volumes in the month of May,” Trans Mountain Corporation said in early April.
The expanded pipeline will triple the capacity of the original pipeline to 890,000 barrels per day (bpd) from 300,000 bpd to carry crude from Alberta’s oil sands to British Columbia on the Pacific Coast.
The Federal Government of Canada bought the Trans Mountain Pipeline Expansion (TMX) from Kinder Morgan back in 2018, together with related pipeline and terminal assets. That cost the federal government $3.3 billion (C$4.5 billion) at the time. Since then, the costs for the expansion of the pipeline have quadrupled to nearly $23 billion (C$30.9 billion).
The expansion project has faced continuous delays over the years. In one of the latest roadblocks in December, the Canadian regulator denied a variance request from the project developer to move a small section of the pipeline due to challenging drilling conditions.
The company asked the regulator to reconsider its decision, and received on January 12 a conditional approval, avoiding what could have been another two-year delay to start-up.
Business
Tesla profits cut in half as demand falls
|
Tesla profits slump by more than a half
Tesla has announced its profits fell sharply in the first three months of the year to $1.13bn (£910m), compared with $2.51bn in 2023.
It caps a difficult period for the electric vehicle (EV) maker, which – faced with falling sales – has announced thousands of job cuts.
Boss Elon Musk remains bullish about its prospects, telling investors the launch of new models would be brought forward.
Its share price has risen but analysts say it continues to face significant challenges, including from lower-cost rivals.
The company has suffered from falling demand and competition from cheaper Chinese imports which has led its stock price to collapse by 43% over 2024.
Figures for the first quarter of 2024 revealed revenues of $21.3bn, down on analysts’ predictions of just over $22bn.
But the decision by Tesla to bring forward the launch of new models from the second half of 2025 boosted its shares by nearly 12.5% in after-hours trading.
It did not reveal pricing details for the new vehicles.
However Mr Musk made clear he also grander ambitions, touting Tesla’s AI credentials and plans for self-driving vehicles – even going as far as to say considering it to be just a car company was the “wrong framework.”
“If somebody doesn’t believe Tesla is going to solve autonomy I think they should not be an investor,” he said.
Such sentiments have been questioned by analysts though, with Deutsche Bank saying driverless cars face “technological, regulatory and operational challenges.”
Some investors have called for the company to instead focus on releasing a lower price, mass-market EV.
However, Tesla has already been on a charm offensive, trying to win over new customers by dropping its prices in a series of markets in the face of falling sales.
It also said its situation was not unique.
“Global EV sales continue to be under pressure as many carmakers prioritize hybrids over EVs,” it said.
Despite plans to bring forward new models originally planned for next year the firm is cutting its workforce.
Tesla said it would lose 3,332 jobs in California and 2,688 positions in Texas, starting mid-June.
The cuts in Texas represent 12% of Tesla’s total workforce of almost 23,000 in the area where its gigafactory and headquarters are located.
However, Mr Musk sought to downplay the move.
“Tesla has now created over 30,000 manufacturing jobs in California!” he said in a post on his social media platform X, formerly Twitter, on Tuesday.
Another 285 jobs will be lost in New York.
Tesla’s total workforce stood at more than 140,000 late last year, up from around 100,000 at the end of 2021, according to the company’s filings with US regulators.
Musk’s salary
The car firm is also facing other issues, with a struggle over Mr Musk’s compensation still raging on.
On Wednesday, Tesla asked shareholders to vote for a proposal to accept Mr Musk’s compensation package – once valued at $56bn – which had been rejected by a Delaware judge.
The judge found Tesla’s directors had breached their fiduciary duty to the firm by awarding Mr Musk the pay-out.
Due to the fall in Tesla’s stock value, the compensation package is now estimated to be around $10bn less – but still greater than the GDP of many countries.
In addition, Tesla wants its shareholders to agree to the firm being moved from Delaware to Texas – which Mr Musk called for after the judge rejected his payday.
Business
Stock market today: Nasdaq futures pop, Tesla surges after earnings with more heavyweights on deck
|
Tech stocks rose on Wednesday, outstripping the broader market as investors welcomed Tesla’s (TSLA) cheaper car pledge and waited for the next rush of corporate earnings.
The Nasdaq Composite (^IXIC) rose roughly 0.6%, coming off a sharp closing gain. The S&P 500 (^GSPC) was up 0.2%, continuing a rebound from its longest losing streak of 2024, while the Dow Jones Industrial Average (^DJI) fell 0.1%.
Tesla shares jumped nearly 12% after the EV maker’s vow to speed up the launch of more affordable models eclipsed its quarterly earnings and revenue miss. That cheered up investors worried about growth amid a strategy shift to robotaxis and the planned cancellation of a cheaper model.
The results from the first “Magnificent Seven” to report have intensified the already high hopes for Big Tech earnings, that the megacaps can revive the rally in stocks they powered. The spotlight is now on Meta’s (META) report due after the market close, as the Facebook owner’s shares rose after the Senate voted for a potential ban on rival TikTok. Microsoft (MSFT) and Alphabet (GOOG) next up on Thursday.
Meanwhile, Boeing (BA) reported better than expected first quarter results before the opening bell with a loss per share of $1.13, narrower than the $1.72 estimated by Wall Street. Shares rose about 2% in morning trade.
Live6 updates
-
Health22 hours ago
Remnants of bird flu virus found in pasteurized milk, FDA says
-
News19 hours ago
Amid concerns over ‘collateral damage’ Trudeau, Freeland defend capital gains tax change
-
Art23 hours ago
Random: We’re In Awe of Metaphor: ReFantazio’s Box Art
-
Art16 hours ago
The unmissable events taking place during London’s Digital Art Week
-
Politics20 hours ago
How Michael Cohen and Trump went from friends to foes
-
Tech23 hours ago
Surprise Apple Event Hints at First New iPads in Years
-
Science21 hours ago
NASA hears from Voyager 1, the most distant spacecraft from Earth, after months of quiet
-
Media22 hours ago
Vaughn Palmer: B.C. premier gives social media giants another chance