A woman types on her laptop in Miami in a Monday, Dec. 12, 2016, photo illustration. An investigation into a scourge of NetWalker ransomware attacks has led to the arrest of a Canadian man, the U.S. Department of Justice said on Wednesday. According to an indictment, police in Florida charged Sebastien Vachon-Desjardins of Gatineau, Que., with illegally obtaining more than $27.6 million. THE CANADIAN PRESS/AP/Wilfredo Lee

A woman types on her laptop in Miami in a Monday, Dec. 12, 2016, photo illustration. An investigation into a scourge of NetWalker ransomware attacks has led to the arrest of a Canadian man, the U.S. Department of Justice said on Wednesday. According to an indictment, police in Florida charged Sebastien Vachon-Desjardins of Gatineau, Que., with illegally obtaining more than $27.6 million. THE CANADIAN PRESS/AP/Wilfredo Lee

Canadian man charged in U.S. with NetWalker ransomware attacks

The ransomware, like similar malware, often infiltrates computer networks via phishing emails

An investigation into a scourge of NetWalker ransomware attacks has led to the arrest of a Canadian man, the U.S. Department of Justice said on Wednesday.

According to an indictment, police in Florida charged Sebastien Vachon-Desjardins of Gatineau, Que., with illegally obtaining more than $27.6 million.

The accused is alleged to be part of a shadowy group of cyber criminals who have attacked several targets in Canada, including the College of Nurses of Ontario, a Canadian Tire store in B.C., and the Northwest Territories Power Corporation.

“Ransomware victims should know that coming forward to law enforcement as soon as possible after an attack can lead to significant results like those achieved in today’s multi-faceted operation,” Nicholas McQuaid, an acting assistant attorney general with the Justice Department, said in a statement.

U.S. authorities said they had seized about US$455,000 in cryptocurrency from ransom payments in three separate attacks. They also said authorities in Bulgaria had disabled a “dark web” resource used to communicate with NetWalker ransomware victims.

NetWalker operates as a so-called ransomware-as-a-service model, featuring “developers” and “affiliates,” who split the proceeds of any ransom paid. Experts say NetWalker attacks really took off last March as the criminals exploited fears of COVID-19 and people working remotely.

The ransomware, like similar malware, often infiltrates computer networks via phishing emails. Such messages masquerade as genuine, prompting users to provide log-in information or inadvertently download malware.

Earlier ransomware attacks focused on encrypting a target’s files — putting them and even backups out of reach. Increasingly, attackers also threaten to publish sensitive data stolen during the time spent inside an exploited network before encryption and detection.

Once a victim’s computer network is compromised and the data encrypted and downloaded, the NetWalker criminals demand money to return system access. If victims refuse, they might never regain their data or, more frequently now, the information is made public.

NetWalker ransomware has impacted numerous victims, including companies, municipalities, hospitals, law enforcement, emergency services, school districts, colleges and universities. Recent attacks have specifically targeted the health-care sector during the COVID-19 pandemic, taking advantage of the global crisis to extort victims.

Brett Callow, a Vancouver Island-based threat analyst with cybersecurity firm, Emsisoft, said the group had made millions. In one case last year, they extorted $1.4 million from a California university.

Police urged any victims to contact law enforcement right away.

“This case illustrates the FBI’s capabilities and global partnerships in tracking ransomware attackers, unmasking them, and holding them accountable,” Special Agent Michael McPherson, with the FBI’s field office in Tampa, Fla., said.

Colin Perkel, The Canadian Press

hackers

Get local stories you won't find anywhere else right to your inbox.
Sign up here

Just Posted

The 5th Street Bridge requires structural improvements, new coating to repair and prevent corrosion, and deck repairs. File photo
City of Courtenay awards contract for 5th Street Bridge project

The City of Courtenay has awarded the contract for the rehabilitation of… Continue reading

Pumpjacks pump crude oil near Halkirk, Alta., June 20, 2007.THE CANADIAN PRESS/Larry MacDougal
Gas prices jump in the Valley – and experts predict prices to rise even more

“We still could be talking about record prices…”

NIC Practical Nursing instructor Barb McPherson (right) is pictured with student Rebecca Wood in 2018 in NIC’s SIM lab. NIC photo
Learn about Practical Nursing opportunities for Island students

Students interested in exploring a future in health care are invited to… Continue reading

The Comox Valley Cycling Coalition is hoping to see more bike lines in the Cumberland area. Photo by Mike Chouinard
Cycling coalition wants better bike links for Cumberland

Group says members want more connections with Comox Valley

The Courtenay Legion has identified 16 homeless veterans living in the Comox Valley. File photo
Courtenay Legion unites with Qualicum to help homeless veterans

Last year’s Point-in-Time (PIT) homeless count conducted in the Comox Valley identified… Continue reading

Cannabis bought in British Columbia (Ashley Wadhwani/Black Press Media)
Is it time to start thinking about greener ways to package cannabis?

Packaging suppliers are still figuring eco-friendly and affordable packaging options that fit the mandates of Cannabis Regulations

Older rental apartments are prime candidates for renovations, and could result in lost affordable housing stock. (Zoë Ducklow photo)
B.C.’s renoviction overhaul a good start, but won’t preserve affordable stock, lawyer says

And still no protection for people who can’t pay rent due to COVID-19

Activists from the Fairy Creek Blockades hold the injunction application notice which was submitted by logging company Teal Jones to the B.C. Supreme Court. The application, which asks to have blockaders removed from the sites that stop access to cut blocks, is set to be heard on March 4. (Photo contributed/Joshua Wright)
Activists hunker down to protect Fairy Creek near Port Renfrew from logging

Forest company Teal Cedar applies for injunction to remove seven-month-old blockades

(Photo by Marissa Baecker/Shoot the Breeze)
B.C. WHL teams to hit the ice with Kelowna, Kamloops hub cities

Kelowna, Kamloops centres chosen to host B.C. WHL teams for 24-game regular season

The victim of the homicide on Cowichan Lake Road early Monday morning was 17 years old, and was stabbed in the incident. (File photo)
Duncan homicide victim was 17 years old

RCMP report that teenager was stabbed

(File photo)
RCMP arrest man after report of gun-toting threat-maker near Parksville schools

43-year-old man taken into custody; students at nearby schools were asked to stay inside

The machines are akin to ATMs and allow drug users at risk of overdose to get hydromorphone pills dispensed to them after their palm has been scanned to identify its unique vein pattern. (CANADIAN PRESS)
Feds dole out $3.5M for ‘vending machines’ to dispense safer opioids in B.C.

The machines are located in four cities across Canada, including Vancouver and Victoria

Most Read