A woman types on her laptop in Miami in a Monday, Dec. 12, 2016, photo illustration. An investigation into a scourge of NetWalker ransomware attacks has led to the arrest of a Canadian man, the U.S. Department of Justice said on Wednesday. According to an indictment, police in Florida charged Sebastien Vachon-Desjardins of Gatineau, Que., with illegally obtaining more than $27.6 million. THE CANADIAN PRESS/AP/Wilfredo Lee

A woman types on her laptop in Miami in a Monday, Dec. 12, 2016, photo illustration. An investigation into a scourge of NetWalker ransomware attacks has led to the arrest of a Canadian man, the U.S. Department of Justice said on Wednesday. According to an indictment, police in Florida charged Sebastien Vachon-Desjardins of Gatineau, Que., with illegally obtaining more than $27.6 million. THE CANADIAN PRESS/AP/Wilfredo Lee

Canadian man charged in U.S. with NetWalker ransomware attacks

The ransomware, like similar malware, often infiltrates computer networks via phishing emails

An investigation into a scourge of NetWalker ransomware attacks has led to the arrest of a Canadian man, the U.S. Department of Justice said on Wednesday.

According to an indictment, police in Florida charged Sebastien Vachon-Desjardins of Gatineau, Que., with illegally obtaining more than $27.6 million.

The accused is alleged to be part of a shadowy group of cyber criminals who have attacked several targets in Canada, including the College of Nurses of Ontario, a Canadian Tire store in B.C., and the Northwest Territories Power Corporation.

“Ransomware victims should know that coming forward to law enforcement as soon as possible after an attack can lead to significant results like those achieved in today’s multi-faceted operation,” Nicholas McQuaid, an acting assistant attorney general with the Justice Department, said in a statement.

U.S. authorities said they had seized about US$455,000 in cryptocurrency from ransom payments in three separate attacks. They also said authorities in Bulgaria had disabled a “dark web” resource used to communicate with NetWalker ransomware victims.

NetWalker operates as a so-called ransomware-as-a-service model, featuring “developers” and “affiliates,” who split the proceeds of any ransom paid. Experts say NetWalker attacks really took off last March as the criminals exploited fears of COVID-19 and people working remotely.

The ransomware, like similar malware, often infiltrates computer networks via phishing emails. Such messages masquerade as genuine, prompting users to provide log-in information or inadvertently download malware.

Earlier ransomware attacks focused on encrypting a target’s files — putting them and even backups out of reach. Increasingly, attackers also threaten to publish sensitive data stolen during the time spent inside an exploited network before encryption and detection.

Once a victim’s computer network is compromised and the data encrypted and downloaded, the NetWalker criminals demand money to return system access. If victims refuse, they might never regain their data or, more frequently now, the information is made public.

NetWalker ransomware has impacted numerous victims, including companies, municipalities, hospitals, law enforcement, emergency services, school districts, colleges and universities. Recent attacks have specifically targeted the health-care sector during the COVID-19 pandemic, taking advantage of the global crisis to extort victims.

Brett Callow, a Vancouver Island-based threat analyst with cybersecurity firm, Emsisoft, said the group had made millions. In one case last year, they extorted $1.4 million from a California university.

Police urged any victims to contact law enforcement right away.

“This case illustrates the FBI’s capabilities and global partnerships in tracking ransomware attackers, unmasking them, and holding them accountable,” Special Agent Michael McPherson, with the FBI’s field office in Tampa, Fla., said.

Colin Perkel, The Canadian Press

hackers

Get local stories you won't find anywhere else right to your inbox.
Sign up here

Just Posted

Ladysmith Secondary School. (File photo)
Ladysmith Secondary reports another COVID-19 exposure

This makes LSS the school with the most exposure days in the Island Health region currently

Plantitude’s ‘Stargazer Bubbles’. (Plantitude photo)
Plantitude offers ‘stargazer bubble’ dining experience

The 10 foot by seven foot bubbles can seat up to six people

It’s been almost a year since the last public performance inside the Chemainus Theatre. (Photo by Don Bodger)
Lead donors pledge $60,000 in matching campaign at the Chemainus Theatre

Perrys, Hiltons and Duncan Iron Works help to Bridge the Gap during COVID shutdown

Doug Routley is the chair of a special committee on reforming the Police Act. (File photo)
Routley selected chair of a special committee on reforming the Police Act

Nanaimo-North Cowichan MLA acknowledges there will be a lot of material to process

Ladysmith’s famous Festival of Lights decorations are still up as of March 1, 2021. (Cole Schisler photo)
PHOTOS: It’s still looking a lot like Christmas in Ladysmith

Festival of Lights volunteers cannot remove the holiday roof top displays due to COVID-19

COVID-19 vaccines were available at a site on East Pender in Vancouver’s Downtown Eastside Feb. 25. (Twitter/Sarahblyth17)
Vancouver’s Downtown Eastside residents offered $5 after getting COVID-19 vaccine

It’s an effort to ‘incentivize people to engage,’ says B.C. Health Minister Adrian Dix

</p>
A survey by Statistics Canada finds Black Canadians earn less than non-visible minority Canadians despite having higher levels of education. (The Canadian Press file photo)
COVID-19 worsened unemployment picture for Black Canadians

Black Canadians also more likely to suffer other hardships

(Black Press Media files)
B.C. teacher transferred then suspended after students report feeling ‘scared, nervous’

Authorities found that teacher did not create inviting, respectful environment for students

Victoria’s Swartz Bay terminal. (Black Press Media file photo)
BC Ferries offers cheaper, prepaid fare options

Ferry service preparing for busy terminals when travel restrictions are lifted

FILE - Dolly Parton arrives at the 61st annual Grammy Awards on Feb. 10, 2019, in Los Angeles. The Grammy-winning singer, actor and humanitarian posted a video on Tuesday, March 2, 2021, of her singing just before getting her COVID-19 vaccine shot. Parton donated $1 million to Vanderbilt University Medical Center in Nashville, Tennessee for coronavirus research. (Photo by Jordan Strauss/Invision/AP, File)
‘Vaccine, vaccine’: Dolly sings ‘Jolene’ rewrite before shot

The Grammy-winning legend turned 75 this year

Deputy Prime Minister and Minister of Finance Chrystia Freeland speaks about the Fiscal update during a news conference in Ottawa, Monday November 30, 2020. THE CANADIAN PRESS/Adrian Wyld
COVID-19: Wage and rent subsidies, lockdown support to be extended until June

Chrystia Freeland says now is not time to lower levels of support

The area on Cordova Bay Road where ancestral human remains were discovered Feb. 22. (Submitted photo)
Human remains discovery a reminder of B.C. Indigenous culture dug up and displaced

‘These are the people who inspired and birthed the generations that we now have here’

Most Read