Halifax RCMP warn against ransomware scams

Supported By:

Net Patrol International Inc.  Data Investigation and Forensic Services
Bankruptcy and Insolvency Trustees

Halifax (June 17, 2020) – The Halifax District RCMP issued a warning against ransomware scams targeting businesses. A local company reported that its network had been hacked with ransomware. The hackers demanded $270,000. Any business or individual could be a target of malware cyberattacks. However, the Canadian Centre for Cyber Security determined that the COVID-19 pandemic presents an elevated level of risk especially to the cybersecurity of Canadian health organizations. Security experts warn that criminals can take advantage of the chaotic pandemic situation to trick people into downloading software that can be dangerous or disruptive.

The Halifax District RCMP warned the public about ransomware scams in a press release on June 16. Ransomware scammers extort businesses to restore their information that was encrypted by the cybercriminals.

Ransomware scam targets local Halifax business

The Mounties issued the public warning against ransomware scams after they received a report from a local business. They reported that their network had been hacked and that the cybercriminals were using ransomware. The hackers demanded $270,000 to reinstate the business’ network.

The Canadian Anti-Fraud Centre (CAFC) explains that ransomware is malicious software also known as malware that infects a computer and denies users access to the system or data usually by encrypting the information. The victims typically receive an onscreen alert stating their files have been encrypted or a similar type of message depending on the type of ransomware. The hacker will then demand a sum of money to have the information restored.

Often, these scams stay unreported, the RCMP said in their press release.

Cybercriminals take advantage of the chaotic COVID-19 situation

Any business or individual could be a target of ransomware attacks such as non-for-profit organizations, municipalities, law firms, IT services, senior living centers, or nursing homes. However, Global Affairs Canada and the Canadian Centre for Cyber Security warned especially vulnerable institutions in the health sector. ‘The COVID-19 pandemic presents an elevated level of risk to the cybersecurity of Canadian health organizations involved in the national response to the pandemic,’ stated the Cyber Centre.

However, while the alert highlights risks to the medical and health communities in Canada, all Canadian businesses are advised to put extra effort into their cybersecurity measures, particularly those with employees teleworking through VPNs.

Due to the increase in cybercriminal activities and with most businesses transitioning to work remotely during the pandemic, the likelihood of cyberattacks and losses for business is high. Security experts warn that criminals can take advantage of the chaotic COVID-19 situation to trick people into downloading software that can be dangerous or disruptive.

According to the CAFC, phishing and malware delivery schemes are skyrocketing due to the pandemic. In the coming months, malware campaigns and online fraud leveraging the COVID-19 outbreak are expected to continue, as hackers are known to not letting a tragedy go to waste.

Being scammed is never the victim’s fault

The RCMP urges businesses to train and educate their staff on good security practices such as not clicking on links or opening attachments in emails sent by someone they do not know. They also recommend using strong passwords, changing them often, and using multi-factor verification for accounts.

Businesses should also use a reputable security software suite and ensure all software, including anti-virus software, is kept current on all computers, servers, and devices. Furthermore, administrative privilege should be restricted and back up networks should be kept separately from the primary one.

Lastly, the Mounties recommend businesses to develop incident response plans and to not negotiate with hackers and call the police in the unfortunate case of a cyberattack. The police said that they want to remind the public that being scammed is never the victim’s fault and that scammers can be very persuasive and convincing.

Read more: ‘Fraud destroys peoples’ lives’ – cybercrime expert on data breaches and cybersecurity