Advertisement

B.C. cyber-cop Europe-bound in hunt for ransomware attacker

Click to play video: 'Delta cybercop Europe-bound in hunt for ransomware attacker'
Delta cybercop Europe-bound in hunt for ransomware attacker
A Delta police officer will be charting new territory when he heads overseas this month to join European counterparts attempting to crack a cybercrime case. Paul Johnson has more on his Netherlands mission – Dec 11, 2021

A Delta, B.C., police officer will be charting new territory when he heads overseas this month to join European counterparts attempting to crack a cybercrime case.

Const. Dustin Classen, with the Delta Police Department’s cybercrime unit, will be meeting in The Hauge, Netherlands, with a team from the European Union’s police agency that’s chasing the same suspect.

“Because the cybercriminals are so internationally based, we don’t really know where they are,” Classen said.

What police do know: Earlier this year, a malicious actor was able to exploit a weakness in Microsoft Exchange to get into a mid-sized Delta business’s network. They were then able to encrypt it, locking the owners out in what’s known as a ransomware attack.

Story continues below advertisement

A demand was made for payment to unlock the network, but the business restored its system from backups and went to the police.

Click to play video: 'Cyber criminals increasingly attacking critical Canadian infrastructure'
Cyber criminals increasingly attacking critical Canadian infrastructure

Classen said investigators were able to collect “digital fingerprints” from data in the hack, and shared them with counterparts at Europol. Investigators in Europe were able to link those identifiers to attacks in several European countries.

For news impacting Canada and around the world, sign up for breaking news alerts delivered directly to you when they happen.

Get breaking National news

For news impacting Canada and around the world, sign up for breaking news alerts delivered directly to you when they happen.
By providing your email address, you have read and agree to Global News' Terms and Conditions and Privacy Policy.

“Now we have another agency that has a whole different set of circumstances. If we can connect with them, and pool our resources, maybe we can put the pieces of the puzzle together and figure out who it is.”

It’s a big step for Delta’s small cybercrime unit, which Classen said has doubled in size in recent years.

Story continues below advertisement

Ransomware attacks have become a growing threat. TransLink, Vancouver Coastal Health, and a third-party service provider BC Cancer were all targeted by such attacks in the last two years alone.

A recent survey by the Angus Reid Institute for Palo Alto Networks suggested that 55 per cent of IT decision-makers had reported their organization getting hit with a ransomware attack. One in five respondents said they’d been attacked more than once.

Click to play video: 'World’s largest meat supplier back online after ransomware attack forces US operations to halt'
World’s largest meat supplier back online after ransomware attack forces US operations to halt

The consequences can be costly: The average ransom demanded was nearly $450,000.

Classen said the Delta attack was a potent reminder of the value of keeping security up to date. The Microsoft Exchange weakness the attackers exploited was actually the subject of a security patch the software company had released, which Classen said may have been how the hackers found their target.

Story continues below advertisement

“If you don’t implement those patches or implement them correctly — what was happening is the bad actors or cybercriminals were scanning the network looking for vulnerable servers.”

Meanwhile, Classen said his unit has been even busier dealing with a wave of “cyber-enabled” crime targeting individuals.

Click to play video: 'Some services restored after TransLink ransomware attack'
Some services restored after TransLink ransomware attack

The most popular scam at present, he said, are bogus cryptocurrency “investing” opportunities.

Attackers set up fraudulent investment sites, then hunt their targets over social media or dating sites, promising low-risk quick returns.

“A lot of people really don’t understand cryptocurrency,” he said.

Story continues below advertisement

“And so when somebody comes out of the blue and says, ‘Look, you can make a lot of money doing this and I can show you how,’ and they’re friendly … I can see how people would fall into that scheme.”

Delta police are hoping that Classen’s trip to meet with veteran European cybersleuths will pay off in new skills and capacity for the unit in battling the wave of cyberattacks back home.

“It’s a big deal for us in Delta. I don’t think we’ve ever partaken in such an international effort,” he said.

“We’re a pretty small municipal department, but we are making pretty good strides in our cybercrime unit.”

Sponsored content

AdChoices