A Delta, B.C., police officer will be charting new territory when he heads overseas this month to join European counterparts attempting to crack a cybercrime case.
Const. Dustin Classen, with the Delta Police Department’s cybercrime unit, will be meeting in The Hauge, Netherlands, with a team from the European Union’s police agency that’s chasing the same suspect.
“Because the cybercriminals are so internationally based, we don’t really know where they are,” Classen said.
What police do know: Earlier this year, a malicious actor was able to exploit a weakness in Microsoft Exchange to get into a mid-sized Delta business’s network. They were then able to encrypt it, locking the owners out in what’s known as a ransomware attack.
A demand was made for payment to unlock the network, but the business restored its system from backups and went to the police.
Classen said investigators were able to collect “digital fingerprints” from data in the hack, and shared them with counterparts at Europol. Investigators in Europe were able to link those identifiers to attacks in several European countries.
“Now we have another agency that has a whole different set of circumstances. If we can connect with them, and pool our resources, maybe we can put the pieces of the puzzle together and figure out who it is.”
It’s a big step for Delta’s small cybercrime unit, which Classen said has doubled in size in recent years.
Ransomware attacks have become a growing threat. TransLink, Vancouver Coastal Health, and a third-party service provider BC Cancer were all targeted by such attacks in the last two years alone.
A recent survey by the Angus Reid Institute for Palo Alto Networks suggested that 55 per cent of IT decision-makers had reported their organization getting hit with a ransomware attack. One in five respondents said they’d been attacked more than once.
The consequences can be costly: The average ransom demanded was nearly $450,000.
Classen said the Delta attack was a potent reminder of the value of keeping security up to date. The Microsoft Exchange weakness the attackers exploited was actually the subject of a security patch the software company had released, which Classen said may have been how the hackers found their target.
“If you don’t implement those patches or implement them correctly — what was happening is the bad actors or cybercriminals were scanning the network looking for vulnerable servers.”
Meanwhile, Classen said his unit has been even busier dealing with a wave of “cyber-enabled” crime targeting individuals.
The most popular scam at present, he said, are bogus cryptocurrency “investing” opportunities.
Attackers set up fraudulent investment sites, then hunt their targets over social media or dating sites, promising low-risk quick returns.
“A lot of people really don’t understand cryptocurrency,” he said.
“And so when somebody comes out of the blue and says, ‘Look, you can make a lot of money doing this and I can show you how,’ and they’re friendly … I can see how people would fall into that scheme.”
Delta police are hoping that Classen’s trip to meet with veteran European cybersleuths will pay off in new skills and capacity for the unit in battling the wave of cyberattacks back home.
“It’s a big deal for us in Delta. I don’t think we’ve ever partaken in such an international effort,” he said.
“We’re a pretty small municipal department, but we are making pretty good strides in our cybercrime unit.”
Comments