A woman types on her laptop in Miami in a Monday, Dec. 12, 2016, photo illustration. An investigation into a scourge of NetWalker ransomware attacks has led to the arrest of a Canadian man, the U.S. Department of Justice said on Wednesday. According to an indictment, police in Florida charged Sebastien Vachon-Desjardins of Gatineau, Que., with illegally obtaining more than $27.6 million. THE CANADIAN PRESS/AP/Wilfredo Lee

A woman types on her laptop in Miami in a Monday, Dec. 12, 2016, photo illustration. An investigation into a scourge of NetWalker ransomware attacks has led to the arrest of a Canadian man, the U.S. Department of Justice said on Wednesday. According to an indictment, police in Florida charged Sebastien Vachon-Desjardins of Gatineau, Que., with illegally obtaining more than $27.6 million. THE CANADIAN PRESS/AP/Wilfredo Lee

Canadian man charged in U.S. with NetWalker ransomware attacks

The ransomware, like similar malware, often infiltrates computer networks via phishing emails

An investigation into a scourge of NetWalker ransomware attacks has led to the arrest of a Canadian man, the U.S. Department of Justice said on Wednesday.

According to an indictment, police in Florida charged Sebastien Vachon-Desjardins of Gatineau, Que., with illegally obtaining more than $27.6 million.

The accused is alleged to be part of a shadowy group of cyber criminals who have attacked several targets in Canada, including the College of Nurses of Ontario, a Canadian Tire store in B.C., and the Northwest Territories Power Corporation.

“Ransomware victims should know that coming forward to law enforcement as soon as possible after an attack can lead to significant results like those achieved in today’s multi-faceted operation,” Nicholas McQuaid, an acting assistant attorney general with the Justice Department, said in a statement.

U.S. authorities said they had seized about US$455,000 in cryptocurrency from ransom payments in three separate attacks. They also said authorities in Bulgaria had disabled a “dark web” resource used to communicate with NetWalker ransomware victims.

NetWalker operates as a so-called ransomware-as-a-service model, featuring “developers” and “affiliates,” who split the proceeds of any ransom paid. Experts say NetWalker attacks really took off last March as the criminals exploited fears of COVID-19 and people working remotely.

The ransomware, like similar malware, often infiltrates computer networks via phishing emails. Such messages masquerade as genuine, prompting users to provide log-in information or inadvertently download malware.

Earlier ransomware attacks focused on encrypting a target’s files — putting them and even backups out of reach. Increasingly, attackers also threaten to publish sensitive data stolen during the time spent inside an exploited network before encryption and detection.

Once a victim’s computer network is compromised and the data encrypted and downloaded, the NetWalker criminals demand money to return system access. If victims refuse, they might never regain their data or, more frequently now, the information is made public.

NetWalker ransomware has impacted numerous victims, including companies, municipalities, hospitals, law enforcement, emergency services, school districts, colleges and universities. Recent attacks have specifically targeted the health-care sector during the COVID-19 pandemic, taking advantage of the global crisis to extort victims.

Brett Callow, a Vancouver Island-based threat analyst with cybersecurity firm, Emsisoft, said the group had made millions. In one case last year, they extorted $1.4 million from a California university.

Police urged any victims to contact law enforcement right away.

“This case illustrates the FBI’s capabilities and global partnerships in tracking ransomware attackers, unmasking them, and holding them accountable,” Special Agent Michael McPherson, with the FBI’s field office in Tampa, Fla., said.

Colin Perkel, The Canadian Press

hackers

Get local stories you won't find anywhere else right to your inbox.
Sign up here

Just Posted

Students from SD62 stepped up to help members in the community with the annual 10,000 Tonight food drive. This year’s organizers had to adapt during the campaign as COIVD-19 public health orders changed. (Black Press Media file photo)
West Shore students step up to make sure community members don’t go without

Students of SD62 are this year’s recipient of the Youth Volunteer Award

Millstream Village is welcoming a new Marshalls location March 9. (Photo courtesy GWL Realty Advisors)
New Marshalls store in Langford brings boost to women in need

Retailer will hold opening ceremony in Millstream Village March 9

A cat died in this house fire in Sidney afternoon. The fire started on the house’s deck and spread from that point. Sidney Volunteer Fire Department Chief Brett Mikkelsen said the permanent presence of crews at the Community Safety Building prevented worse damage. (Photo courtesy of Clayton Firth)
Sidney house fire kills cat, causes extensive damage

Official says fire started on deck and damage to the house could have been worse

Each recipient of a 2021 Local Hero Award will receive a hand-carved paddle created by Haida artist John Bellis.
Meet the man behind the awards

Haida artist John Bellis hand-carved this year’s Local Hero awards

Abstract Developments is donating $75,000 to support community programming at The Cridge Centre for the Family. (Courtesy of The Cridge Centre)
Victoria developer builds support for community programs

Abstract Developments donates $75,000 to The Cridge Centre for the Family

A health worker holds a vial of AstraZeneca vaccine to be administered to members of the police at a COVID-19 vaccination center in Mainz, Germany, Thursday, Feb. 25, 2021. The federal state of Rhineland-Palatinate, start with the vaccination of police officers in internal police vaccination centers. (Andreas Arnold/dpa via AP)
B.C. officials to unveil new details of COVID vaccination plan Monday

Seniors and health-care workers who haven’t gotten their shot are next on the list

A boat caught fire in Ladysmith Harbour on Saturday morning. (Photo submitted)
Search underway for missing woman after boat catches fire in Ladysmith harbour

A large boat caught fire on the morning of Saturday, Feb. 27

Lone orca from a pod that made its way north from Georgia Strait and into Discovery Passage on Saturday, Feb. 27, 2021. Photo by Ella Smiley/<a href="https://www.facebook.com/Comoxvalleywildlifesightings/?ref=page_internal" target="_blank">Comox Valley Wildlife Sightings </a>
Island wildlife viewers thrilled by close view of passing Orca pod

Group gives wildlife photographers a classic opportunity to view them off Campbell River shoreline

An investigation is underway after a man was shot and killed by Tofino RCMP in Opitsaht. (Black Press Media file photo)
Man shot and killed by RCMP near Tofino, police watchdog investigating

Investigation underway by Independent Investigations Office of British Columbia.

B.C. Supreme Court in Vancouver on Tuesday December 11, 2018. THE CANADIAN PRESS/Darryl Dyck
B.C.’s compromise on in-person worship at three churches called ‘absolutely unacceptable’

Would allow outdoor services of 25 or less by Langley, Abbotsford and Chilliwack churches

Baldy Mountain Resort was shut down on Saturday after a fatal workplace accident. (Baldy Mountain picture)
Jasmine and Gwen Donaldson are part of the CAT team working to reduce stigma for marginalized groups in Campbell River. Photo by Marc Kitteringham, Campbell River Mirror
Jasmine’s story: Stigma can be the hardest hurdle for those overcoming addiction

Recovering B.C. addict says welcome, connection and community key for rebuilding after drug habit

A Vancouver restaurant owner was found guilty of violating B.C.’s Human Rights Code by discriminating against customers on the basis of their race. (Pixabay)
Vancouver restaurant owner ordered to pay $4,000 to customers after racist remark

Referring to patrons as ‘you Arabs’ constitutes discrimination under B.C.’s Human Rights Code, ruling deems

Most Read