Menu

Topics

Connect

Comments

Want to discuss? Please read our Commenting Policy first.

Government of Nunavut falls victim to ransomware attack

A woman types on a keyboard in Vancouver on Wednesday, December, 19, 2012. Jonathan Hayward / The Canadian Press

The Government of Nunavut has fallen victim to a cyberattack, officials say.

Story continues below advertisement

In a tweet posted Saturday night, Nunavut Premier Joe Savikataaq said the government’s  IT system had been hacked “early this morning” by a “virus” that had “targeted public services.”

“We’re working around the clock to see the scope of the issue & get everyone back online,” he wrote.

Savikataaq said the virus “affects more than just Iqaluit” but that officials are not sure just how far it reaches.

In a post on Facebook the Government of Nunavut identified the incident as a ransomware attack.

In an update on Sunday, the government said the ransomware encrypted “individual files” on various servers and workstations.
 
Story continues below advertisement
“As a result, all government services requiring access to electronic information stored on the GN network are impacted, except Qulliq Energy Corporation,” the news release reads.
The government says there is “no concern at this time with the loss of personal information or privacy breaches.”
 
“Typically, ransomware does not distribute information to other parties and cannot access the content itself,” the release reads. “It can only block the user from further accessing the information.”

According to the RCMP website, ransomware is a malicious software which infects a computer and denies access to the system or data, and demands a sum of money to restore the information.

The RCMP says currently, the most common form of ransomware will encrypt data.

“Victims will receive an on-screen alert stating their files have been encrypted or a similar message, depending on the type of ransomware,” the RCMP website reads.

Story continues below advertisement
According to the release, once the issue was identified, officials took “immediate action” and isolated the network and notified cybersecurity experts.
 
“GN services remain available and open,” the release says. “But some services will be delayed.”

In a tweet posted Saturday, Jimi Onalik, Nunavut’s director of planning and communications, said the government was “actively addressing the computer network issue” and was “working with IT security companies and internet and software providers.”

Story continues below advertisement

Onalik said officials do not have an estimated time for when the services would be restored, saying only that some government services may experience delays.

In a tweet on Saturday, Iqaluit city councilor Kyle Sheppard said the incident could have “major impact” on government operations this week.

Ransomware attacks on the rise

According to the RCMP, the incidents of ransomware in Canada are rising “at an alarming rate.”

In 2015, the RCMP says, Canadians were affected by 1,600 ransomware attacks a day, but by September 2016 the number of attacks nearly doubled.

“Those are the known cases,” the RCMP website reads. “Many incidents still go unreported.”

Story continues below advertisement

In April, the city of Stratford Ont., had its servers targeted by an apparent ransomware attack.

A few months later, in September, the Ontario city of Woodstock’s computer system was infected by a virus.

Last year, the town of Midland, north of Toronto, Ont., paid hackers eight bitcoins for the encryption keys to unlock its servers locked in a cyberattack.

Story continues below advertisement

Similarly, the Town of Wasaga Beach paid nearly $35,000 to cyber criminals in order to regain access to town servers, which had been held ransom for seven weeks.

The RCMP discourages victims from paying ransom, saying there is no guarantee that the data will be recovered.

The force says a victim who pays the ransom may be extorted for more money once the initial amount is paid and could make themselves a target for future attacks.

Advertisement

You are viewing an Accelerated Mobile Webpage.

View Original Article