Raymond Lemay is back working at his computer, something he wasn’t able to do a few months back. In November, staff of Family and Children’s Services of Lanark, Leeds and Grenville were hit with a “malware” attack that locked them out their systems until they paid a $60,000 ransom.
As it turned out, the office caught a lucky break. IT staff were able to restore the system within eight hours — and without having to pay hackers.
“We were very lucky,” recalls Lemay, executive director of the office. The office had good backup systems, and one of these was offline at the time of the attack. “That meant it wasn’t encrypted by this ransomware.”
Lemay says he wants to assure the public that no one’s private or personal data was taken as a result of the attack.
Not everyone escapes so easily. David Skillicorn, a computer science professor at Queen’s University, says ransomware is becoming more prevalent across the globe.
“It allows even bottom-feeding criminals to actually make some money out of cybercrime. It’s so easy,” Skillicorn explains. “You can buy the tools to do it on the dark web.”
Skillicorn says anti virus and anti malware software helps, but unfortunately people don’t use those tools often enough.
Ransomware most commonly gets into computer networks through emails. Criminals are getting very adept at crafting emails that look legitimate enough for unsuspecting computer users to open them without suspecting a problem.
“The bad guys are becoming more sophisticated,” he says. “You often find emails that you really can’t tell without careful inspection whether they’re the real thing or not.”
Skillicorn’s advice: if in doubt, deleting the email is the safest course.
As for Family and Children’s Services of Lanark, Leeds and Grenville, the office might have caught that lucky break, but the malware attack was still a hassle. Lemay says it took cybersecurity experts two to three weeks to eliminate the malware from the office’s computer network.
As for how the malware got on the office’s network in the first place, that remains a mystery.
“It could have been through somebody using a flash drive. It couldn’t have been through an email. It could have been any number of things,” Lemay says. “We really don’t know.”