The Government of Saskatchewan has fallen victim to a malicious cyber-attack that is causing outages on Saskatchewan.ca.
This is happening while wannacrypt (AKA WannaCry) ransomware has impacted organizations in over 150 countries over the past four days.
WannaCry locks computers and associated devices on the same network. The program forces users to pay a ransom in order to get the files back, while threatening to delete the files.
A government official said that it has not been determined if WannaCry is the malware impacting computer systems.
The type of attack the Government of Saskatchewan website suffered is known as a denial of service attack. This is when a website will be flooded with too much traffic for it to handle, which can cause the site to shut down.
“I want to say in the last month, we’ve seen really an unprecedented level of activity in terms of malicious malware,” Central Services deputy minister Richard Murray said.
The website was down for approximately two hours on Sunday night, and appears to be back up and running. The internet was also down for parts of Monday morning in Central Services because of the attack.
The deputy minister added that personal information is not threatened by a denial of service attack.
Murray said the government has not received any kind of ransom request at this point.
The province says they are actively using all available tools and consulting with security experts.
David Gerhard, a computer science associate professor at the University of Regina, said there are a variety of reasons someone would launch a denial of service attack.
“Sometimes it’s purely vandalism, just to get the website off the net. Sometimes it can be malicious to interrupt service,” he explained.
According to Murray, the government sees thousands of attempted cyber-attacks every day and the sophistication is increasing.
In response, security systems are continually upgraded as technology evolves.
Gerhard said this is a necessity. He described cyber-attacks as an ongoing arms race.
“The bad guys are always trying to do new things. You can update your systems as much as you can, but there’s often going to be small problems that are discovered that then get used as vectors for new attacks,” Gerhard said.
“Cyber security is one of those things where you have to keep upgrading your systems.”
If you fall victim to a ransomware attack, Gerhard said the best course of action is to completely wipe your system and restore it from a back-up. He added if you pay the ransom, the attacker still has the ransomware on your computer and can lock you out again.
Murray said the government is prepared to take this course of action if necessary.