March 1, 2018 10:49 am
Updated: March 2, 2018 10:37 am

Family and Children’s Services of Lanark, Leeds and Grenville suffered cyberattack

A A

Raymond Lemay is back working at his computer, something he wasn’t able to do a few months back. In November, staff of Family and Children’s Services of Lanark, Leeds and Grenville were hit with a “malware” attack that locked them out their systems until they paid a $60,000 ransom.

As it turned out, the office caught a lucky break. IT staff were able to restore the system within eight hours — and without having to pay hackers.

Story continues below

“We were very lucky,” recalls Lemay, executive director of the office. The office had good backup systems, and one of these was offline at the time of the attack. “That meant it wasn’t encrypted by this ransomware.”

Lemay says he wants to assure the public that no one’s private or personal data was taken as a result of the attack.

Not everyone escapes so easily. David Skillicorn, a computer science professor at Queen’s University, says ransomware is becoming more prevalent across the globe.

“It allows even bottom-feeding criminals to actually make some money out of cybercrime. It’s so easy,” Skillicorn explains. “You can buy the tools to do it on the dark web.”

READ MORE: New cybersecurity rules coming this winter amid year of massive hacks: Ralph Goodale

Skillicorn says anti virus and anti malware software helps, but unfortunately people don’t use those tools often enough.

Ransomware most commonly gets into computer networks through emails. Criminals are getting very adept at crafting emails that look legitimate enough for unsuspecting computer users to open them without suspecting a problem.

“The bad guys are becoming more sophisticated,” he says. “You often find emails that you really can’t tell without careful inspection whether they’re the real thing or not.”

READ MORE: Small businesses often more vulnerable to cyberattacks, experts say

Skillicorn’s advice: if in doubt, deleting the email is the safest course.

As for Family and Children’s Services of Lanark, Leeds and Grenville, the office might have caught that lucky break, but the malware attack was still a hassle. Lemay says it took cybersecurity experts two to three weeks to eliminate the malware from the office’s computer network.

As for how the malware got on the office’s network in the first place, that remains a mystery.

“It could have been through somebody using a flash drive. It couldn’t have been through an email. It could have been any number of things,” Lemay says. “We really don’t know.”

 

© 2018 Global News, a division of Corus Entertainment Inc.

Report an error

Comments

Want to discuss? Please read our Commenting Policy first.

Global News