Cyber Incident Victim: Manufacturing company in Strathroy
Date:
Sep 2019
Location:
Canada
Summary
A ransomware attack targeted a manufacturing company in Strathroy and compromised hospital systems serving Listowel and Wingham, forcing temporary closures of oncology and diagnostic clinics while redirecting non-emergency patients. The incident prompted investigations by law enforcement amid broader concerns about regional cyber threats to interconnected healthcare infrastructure.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 2 motives | 1 technique |
| Threat Actors | Type | Location |
|---|---|---|
| 0 actors | Available to members | Available to members |
Description
In late September 2019, a series of cyberattacks impacted multiple municipalities and organizations across southwestern Ontario. Following earlier ransomware incidents in Stratford (August 2019) and Woodstock (earlier that week), three additional entities were compromised: a manufacturing company in Strathroy and hospital networks serving Listowel and Wingham. The attacks occurred within a narrow timeframe, with hospital officials confirming service disruptions on September 27. The healthcare systems experienced immediate operational consequences, forcing the temporary closure of oncology and diagnostic clinics at affected hospitals. Non-emergency patients were redirected or advised to return later due to system inaccessibility. Karl Ellis, CEO of the Listowel Hospital Alliance, publicly acknowledged the disruption but could not provide recovery timelines during the initial response phase. Forensic evidence indicated ransomware deployment—malicious software designed to encrypt systems until payment was made—though specific variants weren't disclosed. This attack pattern mirrored Stratford's incident where municipal officials had paid $75,000 to regain data access weeks earlier.
Response actions included immediate containment measures by Listowel hospital administrators to prevent malware propagation across Ontario's interconnected healthcare networks. The Ontario Provincial Police Cybercrimes Unit initiated formal investigations into all affected entities, though no attribution details were released publicly. Technological analysts like Carmi Levy contextualized the incidents as part of a broader trend targeting critical infrastructure, emphasizing ransomware's disruptive equivalence to physical disasters. While the manufacturing company's specific operational impacts weren't detailed, its inclusion confirmed attacks beyond municipal and healthcare targets. No ransom payment disclosures were made for either the Strathroy manufacturer or hospital networks, contrasting with Stratford's confirmed payout. Service restoration timelines remained uncertain during the initial reporting period, with hospital officials maintaining emergency care capabilities through alternative protocols while diagnostic and specialty services remained offline.