After ransomware attack, Nunavut will reformat all GN computers
“We’re not even looking at what it’s going to cost us,” premier says
The Government of Nunavut is collecting the work computers of its employees following the ransomware attack that took down the government’s computer systems.
Since the attack on Saturday, Nov. 2, GN employees have used paper, telephones and faxes for communications.
The GN said in a release the computers will be “collected and reformatted by GN IT,” which “aims to return computers within 24 hours, and thanks GN employees for their patience.”
Judging by the number of employees in the public service, more than 5,000 GN computers are likely to be in use across the territory in various offices, schools and health centres.
Dean Wells, the territory’s corporate chief information officer, told Nunatsiaq News on Wednesday that “we’re looking to servers and work stations and trying to find out as much as we can about this ransomware.”
Ransomware is a type of malicious software that blocks access to a computer system or data, usually by encrypting it, until the victim pays a ransom to the attacker.
In many cases, the ransom demand comes with a deadline and if it’s not paid in time, the data is destroyed forever.
In the GN case, ransomware encrypted individual files on all servers and workstations.
Wells said he still has many questions about the ransomware, which has kept him working from early in the morning to past midnight since last weekend: “How did this get in? How is this even possible?”
“This really caught us off guard because we had all our firewalls patched,” he said, adding that the security measures were “up to date.”
“When we got the call on Saturday, it really caught us off guard.”
The backups of GN data appear to be OK, Wells said, so “we are not anticipating any loss of data at this time.”
“We will know more tomorrow, but right now this is our belief,” he said.
IT workers have already started rebuilding the GN network, but they want to be “careful and cautious” and don’t want to reintroduce any ransomware, Wells said.
At least 16 IT specialists are working at the task, with four different teams, in four different places, he said.
More answers about the state of the GN network could come on Friday, he said.
One thing is certain: “We would not pay any ransom.”
“We would not be interested in going down that road at all,” Wells said. “We’re pretty confident that we’re going down the right path.”
“The advice we’re getting is that if you pay this you might not get the information you need,” he said, and others might attempt to strike elsewhere.
The RCMP’s cyber crime experts are “working shoulder to shoulder” with the GN team, which includes IT help from a big, Ottawa-based consulting firm, Donna Cona Inc.
Speaking in the Nunavut legislature on Wednesday, Premier Joe Savikataaq said that “we’re not even looking at what it’s going to cost us.”
“We just want to make sure that we can get the system up,” he said.
As for how long that will take, Savikataaq said “within a week or two, we should be operational … but I don’t have a timeline when things will be normal or at the same state as before the virus struck our network.”