A woman types on her laptop in Miami in a Monday, Dec. 12, 2016, photo illustration. An investigation into a scourge of NetWalker ransomware attacks has led to the arrest of a Canadian man, the U.S. Department of Justice said on Wednesday. According to an indictment, police in Florida charged Sebastien Vachon-Desjardins of Gatineau, Que., with illegally obtaining more than $27.6 million. THE CANADIAN PRESS/AP/Wilfredo Lee

A woman types on her laptop in Miami in a Monday, Dec. 12, 2016, photo illustration. An investigation into a scourge of NetWalker ransomware attacks has led to the arrest of a Canadian man, the U.S. Department of Justice said on Wednesday. According to an indictment, police in Florida charged Sebastien Vachon-Desjardins of Gatineau, Que., with illegally obtaining more than $27.6 million. THE CANADIAN PRESS/AP/Wilfredo Lee

Canadian man charged in U.S. with NetWalker ransomware attacks

The ransomware, like similar malware, often infiltrates computer networks via phishing emails

An investigation into a scourge of NetWalker ransomware attacks has led to the arrest of a Canadian man, the U.S. Department of Justice said on Wednesday.

According to an indictment, police in Florida charged Sebastien Vachon-Desjardins of Gatineau, Que., with illegally obtaining more than $27.6 million.

The accused is alleged to be part of a shadowy group of cyber criminals who have attacked several targets in Canada, including the College of Nurses of Ontario, a Canadian Tire store in B.C., and the Northwest Territories Power Corporation.

“Ransomware victims should know that coming forward to law enforcement as soon as possible after an attack can lead to significant results like those achieved in today’s multi-faceted operation,” Nicholas McQuaid, an acting assistant attorney general with the Justice Department, said in a statement.

U.S. authorities said they had seized about US$455,000 in cryptocurrency from ransom payments in three separate attacks. They also said authorities in Bulgaria had disabled a “dark web” resource used to communicate with NetWalker ransomware victims.

NetWalker operates as a so-called ransomware-as-a-service model, featuring “developers” and “affiliates,” who split the proceeds of any ransom paid. Experts say NetWalker attacks really took off last March as the criminals exploited fears of COVID-19 and people working remotely.

The ransomware, like similar malware, often infiltrates computer networks via phishing emails. Such messages masquerade as genuine, prompting users to provide log-in information or inadvertently download malware.

Earlier ransomware attacks focused on encrypting a target’s files — putting them and even backups out of reach. Increasingly, attackers also threaten to publish sensitive data stolen during the time spent inside an exploited network before encryption and detection.

Once a victim’s computer network is compromised and the data encrypted and downloaded, the NetWalker criminals demand money to return system access. If victims refuse, they might never regain their data or, more frequently now, the information is made public.

NetWalker ransomware has impacted numerous victims, including companies, municipalities, hospitals, law enforcement, emergency services, school districts, colleges and universities. Recent attacks have specifically targeted the health-care sector during the COVID-19 pandemic, taking advantage of the global crisis to extort victims.

Brett Callow, a Vancouver Island-based threat analyst with cybersecurity firm, Emsisoft, said the group had made millions. In one case last year, they extorted $1.4 million from a California university.

Police urged any victims to contact law enforcement right away.

“This case illustrates the FBI’s capabilities and global partnerships in tracking ransomware attackers, unmasking them, and holding them accountable,” Special Agent Michael McPherson, with the FBI’s field office in Tampa, Fla., said.

Colin Perkel, The Canadian Press

hackers

Get local stories you won't find anywhere else right to your inbox.
Sign up here

Just Posted

A nurse performs a test on a patient at a drive-in COVID-19 clinic in Montreal, on Wednesday, October 21, 2020. (THE CANADIAN PRESS/Paul Chiasson)
30 new COVID-19 cases, five more deaths in Interior Health

This brings the total number of cases to 7,271 since testing began

Castlegar’s Gabrielle Herle (right) will be one of the speakers at the conference. She is seen here with Wendy Gaskill from Chinook Scaffolding accepting their Contractor of the Year Award in 2019 from the Builders Code Champion Awards. Photo: Submitted
Girls in STEAM and Leadership Conference offered free for all girls in the Kootenay Boundary

Virtual conference for girls in grades 8 to 12 will be taking place on March 8

FILE – A COVID-19 vaccine being prepared. (Olivia Sullivan/Sound Publishing)
B.C. seniors 80 years and older to get COVID vaccine details over next 2 weeks: Henry

Province is expanding vaccine workforce as officials ramp up age-based rollout

Interior Health reported 43 new COVID-19 cases in the region Feb. 23, 2021 and no additional deaths. (Jennifer Smith - Morning Star)
43 new cases of COVID reported in Interior Health

No new deaths, Williams Lake outbreak over

Dr. Bonnie Henry talk about the next steps in B.C.'s COVID-19 Immunization Plan during a press conference at Legislature in Victoria, B.C., on Friday, January 22, 2021. THE CANADIAN PRESS/Chad Hipolito
456 new COVID-19 cases in B.C., 2 deaths

Since January 2020, 78,278 have tested positive for the novel coronavirus in B.C.

A health-care worker prepares a dose of the Pfizer-BioNTech COVID-19 vaccine at a UHN COVID-19 vaccine clinic in Toronto on Thursday, January 7, 2021. (THE CANADIAN PRESS/Nathan Denette)
Vaccinating essential workers before seniors in B.C. could save lives: experts

A new study says the switch could also save up to $230 million in provincial health-care costs

The late Michael Gregory, 57, is accused of sexually exploiting six junior high students between 1999 and 2005. (Pixabay)
Former Alberta teacher accused of sexually assaulting students found dead in B.C.

Mounties say Michael Gregory’s death has been deemed ‘non-suspicious’

According to a new poll, a majority of Canadians want to see illicit drugs decriminalized. (THE ASSOCIATED PRESS)
Majority of Canadians think it’s high time to decriminalize illicit drugs: poll

More than two-times the B.C. residents know someone who died from an overdose compared to rest of Canada

Ranchero Deep Creek firefighters respond to a blaze involving two adjacent structures at a property off of Deep Creek Road on Sunday, Feb. 21. The buildings were believed to have been used as part of a cannabis growing operation, and RCMP are investigating. (Sean Coubrough/CSRD photo)
Ranchero Deep Creek firefighters respond to a blaze involving two adjacent structures at a property off of Deep Creek Road on Sunday, Feb. 21. The buildings were believed to have been used as part of a cannabis growing operation, and RCMP are investigating. (Sean Coubrough/CSRD photo)
Shuswap firefighters responding to structure blaze find cannabis grow operation

RCMP investigating, attempting to track down owner of property

Interior Health officially declared a COVID-19 outbreak at Creekside Landing in Vernon on Jan. 3, which was followed by the first death from the virus 10 days later. (Kaigo photo)
COVID outbreak over at Vernon care home

Creekside Landing cleared of coronavirus, despite additional death in last day

Photograph By @KAYLAXANDERSON
VIDEO: Lynx grabs lunch in Kamloops

A lynx surprises a group of ducks and picks one off for lunch

(Stock photo)
EDITORIAL: The freedom to read

Books have been challenged many times in the past

Most Read