Skip to content

Canada not immune to ransomware attacks

TORONTO — Canada is not immune to online extortion, despite apparently sidestepping a massive attack that temporarily crippled networks around the world, a cybersecurity expert said.
web1_170513-RDA-M-P-Cyber-edh-170514--1-

TORONTO — Canada is not immune to online extortion, despite apparently sidestepping a massive attack that temporarily crippled networks around the world, a cybersecurity expert said.

Atty Mashatan, a professor at Ryerson University’s School of Information Technology Management, said it was nothing more than a fluke that Canada appears to have been spared from Friday’s ransomware attack that disrupted services in Russia, the U.S., Ukraine, Spain and India.

Attacks like this one, dubbed “WannaCry” for the “WannaCrypt” technology used to execute it, happen when a type of software seizes control of a computer, encrypting its contents and rendering them inaccessible.

“The vehicle that the malware going from one device to the other is spam. The most common way that they do that is via a link in an email,” Mashatan said. ”It looks as if it’s from someone you know, in your contacts. You click on it, and bingo. The actual malware, the file, is downloaded.”

The perpetrators then demand hundreds or thousands of dollars to unlock the victims’ computers — essentially holding the documents, photos and other items on the computer for ransom.

“This one wasn’t really a targeted attack at all,” Mashatan said. “They usually run this campaign and hope to infect as many devices as they can.”

“This time around we were lucky,” she said. “There’s so many people who are emailing one another within the U.K., whereas the traffic between the U.K. and Canada is not as much.”

But if the wrong person had clicked on an infected link, they could have spread the ransomware to Canada.

Computer users worldwide — and everyone else who depends on them — should assume that the next big “ransomware” attack has already been launched, and just hasn’t manifested itself yet, Ori Eisen, who founded the Trusona cybersecurity firm, told The Associated Press.

The attack appears to be “low-level” stuff, given the amounts of ransom demanded, Eisen said Saturday.

He said the same thing could be done to crucial infrastructure, like nuclear power plants, dams or railway systems.

A representative from Public Safety Canada said the Canadian Cyber Incident Response Centre is aware of the reported attacks, but made no mention on whether any Canadian users were affected.

The Communications Security Establishment, a Canadian intelligence agency, said in a statement Saturday that the federal government’s computer networks do not appear to have been affected by the attack.

In the meantime, Mashatan said it’s important for everyday people to remain vigilant to prevent these attacks from spreading.

She said people should keep their computers’ operating systems up-to-date, because the latest updates often patch up security holes. People should also avoid clicking on suspicious links.

—With files by The Associated Press.

Nicole Thompson, The Canadian Press