Malware inflicts major cyber attack on Government of Nunavut’s network

“We are not sure how far it reaches,” Premier Joe Savikataaq says

As of Sunday, Nov. 3, the Department of Executive and Intergovernmental Affairs website was functioning, but the Government of Nunavut is still coping with a ransomware attack on Nov. 2 that has damaged its electronic communications network. (Screen shot)

By Jane George

(Updated, 4 p.m.)

A ransomware cyber attack appears to have crippled essential electronic communications within the Government of Nunavut, and some public services may be affected throughout the territory.

This means if you work for the Government of Nunavut, you may not be able to gain access to your email or consult online files, or if you reside in Nunavut, your access to public services may be difficult or impossible.

Nunavut Premier Joe Savikataaq issued a statement on Twitter on Saturday night, saying the GN’s internet system had been infected earlier on Nov. 2 by what he called “a virus that has targeted public services.”

“We’re working around the clock to see the scope of the issue and get everyone back online. You will not have access to your GN account until we understand the full extent of the issue. This affects more than just Iqaluit, but we are not sure how far it reaches,” Savikataaq said.

In a Facebook post, the GN identified the virus as a ransomware attack.

Ransomware is a type of malicious software that blocks access to a computer system or data, usually by encrypting it, until the victim pays a bribe to the attacker.

In many cases, the ransom demand comes with a deadline and if it’s not paid in time, the data is destroyed forever.

Later in the evening of Nov. 2, the GN issued another statement on Facebook: “GN IT is actively addressing the computer network issue, working with IT security companies and internet and software providers. Some Government services might experience delays. Thank you for your patience while we work to resolve this issue. At this time we do not have an estimate as to when services will be restore.”

Jimi Onalik, an associate deputy minister in the Department of Economic Development and Transportation, said on Twitter that the GN is now working with IT security companies, internet providers and software providers to fix the problem.

But as of the evening of Nov. 2, he said the GN cannot say when services will come back.

Ransomware is often spread through emails that contain malicious attachments, or by a technique called “drive-by downloading.”

This drive-by downloading takes place when a user visits an infected website. Then malware is downloaded and installed without the user’s knowledge.

Ransomware attacks use a “Trojan,” a fake website or legitimate-looking file that the user is tricked into downloading or opening when it arrives as an email attachment.

After that, the criminal who controls the malware threatens to publish the user’s data or perpetually block access to the data unless a ransom is paid.

Advanced malware uses a technique called cryptoviral extortion, in which it encrypts the files, making them inaccessible, and demands a ransom payment to decrypt them.

Usually that ransom is in the form of a cryptocurrency, called bitcoin, which needs to be paid to unlock the encrypted files.

Martin Joy, director of information and communication technology at the GN, told Nunatsiaq News this past July that the GN could receive an average of 4,000 to 5,000 attempted cyber attacks per week.

Joy said then that the GN’s security system was strong enough to prevent ransomware from getting through.

The GN also restricts what web pages its employees can access and does not allow access to external email accounts, he said.

But the incidents of ransomware scams in Canada are rising at an alarming rate, according to the RCMP.

In 2015, Canadians were affected by 1,600 ransomware attacks a day.

“By September 2016, the attacks nearly doubled. Those are the known cases. Unfortunately, many incidents still go unreported,” the RCMP’s online information on ransomware says.

“Extortion via ransomware is a criminal offence, and the money you pay will be used to fund criminals and/or criminal organizations and motivate them to further victimize others.”

Share This Story

(26) Comments:

  1. Posted by Scary stuff on

    Absolutely terrifying. This was bound to happen. The lax attitude at the GN is deplorable. I’ve been told the GN is supposed to back up all of their servers DAILY which apparently hasn’t happened in two YEARS. Explaining why the GN hasn’t been able to resolve this quickly.
    I hope to see the foot come down appropriately for those responsible.

    • Posted by Seriously? on

      Seriously? You should research your information before posting bullshit. The GN is constantly battling hacking, viruses and other intrusions and do a damn good job. The last ransomware hack hit the system due to a user downloading and opening files from junk emails. The GN backs up all information daily and on redundant systems. Check your facts Scary Stuff…

      • Posted by ToldUso on

        Everyone knows that managing by putting out/ battling fires is never the best.
        It does look like the GN has an IT security policy; I can point to a few examples that clearly show that CGS has no clue what they are doing,
        1. Security awareness training is key to any IT security framework- ever heard of employee awareness training at GN? That email you tall off would have been opened if employees were prepared.
        2. Walk into any GN building- the server rooms are not locked or secured, anyone and everyone has access to them.
        Just to name a few obvious problems that need serious attention- it is true GN is too relaxed regarding this important issue!

      • Posted by GN employee on

        GN IT has done everything possible to inform users how to protect our system from these viruses, and are diligent about backups. Sadly it just takes one person not paying close enough attention when opening links and attachments It could happen to anyone To blame this on IT is ridiculous 👎🏼

        • Posted by ToldUso again on

          I have been working @ GN for 12 years and I am not sure how I missed those security awareness sessions. CGS IT should operate as they are there to support the different business functions of every department, but they act as though the different businesses have to bend to their whims. When has CGS ever conducted a requirements gathering exercise to ensure they are meeting everyone’s needs? For example, the fact that PRISM was implemented is a sure sign that you want the different departments to conduct their business the way you want them to- which is wrong!
          Thanks to the internet- people are aware of what needs to be done to protect GN information assets and the surprising thing is that the people tasked to do that dont seem to know what they are doing.
          Contractors were let go because a few people complained, led by an MLA that used to work at GN and is well aware of the lack of expertise – I am not sure if he had a solution for the skills gap.
          You can defend CGS IT all you want, fact is- you are not prepared and you will be hit again until you implement a comprehensive security framework!

          • Posted by Real World on

            I think it is time for everyone to agree (especially the politician’s) that there is limited expertise in Nunavut with the skills required to run a Government effectively in order to deal with the complex issues they encounter on a regular basis. The fact is, not everyone is lining up to move to here, so instead of MLA’s being critical of contract workers and Southerners being hired, they should be focusing on asking themselves why aren’t Nunavimmuit willing to further their education in these critical areas. Be grateful they want to move here, so you should focus your efforts on what you can do to make them feel welcome in order retain them Instead of focusing your efforts on how to get rid of them. God knows, they are needed! Not embracing them for the skills they bring only speaks to how immature this Government really is. People like to be feel appreciated for their contributions, so it is a little demoralizing when an employer don’t operate in this fashion.

  2. Posted by Colin on

    For the future …

    Some years ago there was a fire in a San Francisco office building that took out the head off ice of a major bank.

    The bank started up again more or less normally almost at once in different premises because every employee on leaving for the day was required to take home on disk(s) every file he/she was working on.

    Today the cloud could do most of that job.

  3. Posted by Programmer on

    1. It’s long past time for the GN to get rid of Windows and change to a much more secure Linux system.

    2. As for taking home the files you are working on, that opens up lots of other security problems.

    3. But you can save a copy of your work to your local hard drive. That way it is still on GN hardware on GN premises, but not on the network, especially if you turn off your computer at the end of the day.

    4. You work 37.5 hours each week. No need to leave your computer on 24/7 and use 168 hours of electricity each week.

    • Posted by Observer on

      Linux ransomeware is out there and on the rise. At after hours is when computer systems do their backup and updates.

  4. Posted by Laughing at the GN’s stupidity on

    This is hilarious, about time the GN gets punished for their lack of enthusiasm when it comes to everything and anything. I hope there is some real damage done here to show the metaphorical pie in their face for the years of bullshit the GN has caused. Hackers beware!!! Once this situation is resolved I’m sure you’ll be able to get in no sooner than right away because this will never be properly fixed.

  5. Posted by Amos Tamamik on

    There is no such thing as a secure computer. It does not exist!

  6. Posted by D level IT on

    The GNs IT is terrible. Why are we paying a small group of computer science people who couldn’t make it in the south to run all this for such a small government? They can’t keep up. Pay Microsoft or Google a monthly fee and this is a non issue. Here CGS is caught with its pants down, despite all the news reports for months how hospitals and small governments are being targettted for having bad security.

    The number of comments defending CGS and IT is telling here. Get back to work on the problem and stop trying to argue that everything that could have been done was done. If one user clicking an email link will cripple the system, its clearly inadequate.

    Ill stick with my free email service which always works, let’s me attach over 10mb files, and had never been hacked.

    • Posted by User on

      So you think you know so much. There have been major attacks on even bigger organizations. May be do a bit more research before you make ignorant comments. I will consider you a reject too and a very ingnorant person with less or no life values. So your trash talking is off no help to anyone. Just glad you didnt get attacked yet. There are people out there who work hard and you have no right to make ignorant comments. Anyways, I have no time to waste my breathe on your ignorance. Probably a disgruntled GN employee.

    • Posted by Smiles on

      I find your comments interesting. I work for another Provincial level Government and I can tell you from my experience that no one who works in IT would want to be dealing with this sort of issue. Security is something that each employee is responsible for albeit most organizations could do more to train and communicate to their employees. If the mindset is that “technology” will secure everything this is flawed thinking. No system is perfect and gaps exist in all tool sets and this is what hackers exploit. This is social engineering and not a technology issue. The amount of expertise and money these global criminal orgs has will far outstrip anything that a provincial level government has. In my 17 years in IT a common theme has always been underfunded, understaffed, overworked (Try being on call 24/7, weekly OT, constant travel, ungrateful employees).

      It’s a concerning suggestion to move Government data into large cloud services. There are privacy issues with that since data will be stored in a southern location, likely in the US. This means foreign entities could access that data without your knowledge or consent. You really think that’s the best solution? Then tack on bandwidth issues that the North has to deal with, increasing load on slow and/or saturated internet connections makes for a poor user experience. It’s not as feasible of a solution as you might think.

  7. Posted by Frank on

    This is unfortunate turn of events but I think it’s actually par for the course for IM/IT department. I think it is time the office of the CCIO gets a serious review. Or even take a look at CGS top brass leading up to this and what priorities of IT systems became vs best practices. Honestly it won’t take much to see the “big” reason for this.

  8. Posted by The Old Trapper on

    Relax, it appears that this now in Jimi’s capable hands.
    .
    .
    .
    JK

  9. Posted by happens alot on

    happens more often then you think. small organizations with small IT syst. Happened to nti not long ago. You pay the ransome and move on.

  10. Posted by Know both sides on

    Until everyone knows both sides of a situation, the history, and all the facts that lead up to any problem that happens, than your opinion should stay null or mute. To attack people in their positions who di the best they can with what they have, is not right, and as fir those IT experts on here, who think they have all the facts, I can assure you, you don’t.

  11. Posted by IP Blacklisted on

    Judging by the comments section it appears the IT department has a communications division. Though they have been busier than normal this weekend, I would recommend they take a break to install Grammarly.

  12. Posted by Timothy Hillis on

    Possible bio hack nfc through contact with magnetic source of energy used to sync to each others phone..??? Almost like a new version of radio frequency or something.. just a thought..

  13. Posted by General Mills on

    These are apparently the same GN IT guys that want to build a fibre optic connection for a hundred million dollars above the going rate.
    I hope CGS drops the hammer and gets a strategy that isn’t compromised by a single employee clicking a baited link. We also need answers as to how far this virus got. From the look of things, the employee who clicked on a poison link must have had some pretty high level administrator access. We need to be protected from internal incompetence at CGS as much as we do external threats.

  14. Posted by Interesting on

    “Martin Joy, director of information and communication technology at the GN, told Nunatsiaq News this past July that the GN could receive an average of 4,000 to 5,000 attempted cyber attacks per week.

    Joy said then that the GN’s security system was strong enough to prevent ransomware from getting through.”

    Interesting comment from one of the people responsible for the IT Division of the GN.. If you know how often your system is being tested it would be smart to educate the end users on what they can do to decrease the risks to the overall system. Also, having a proper disaster recovery system/plan in place would help mitigate the risks..

    Also.. a statement suggesting your system will prevent ransomware is pretty short sighted (by about 6 months). This seems to show a lack of understanding of the possible outcome of such threats…

    I see a few comments here suggesting the IT employees are inadequate etc.. this is not true.. the IT employees do what they are tasked to do by management.. Management should be held accountable if they do not yet realize the value of proper cyber security.. This is after all the 3rd ransomeware attack the GN has faced.. you’d think they would have learned something from the previous 2. If the same three people are left in charge, we will be reading of another IT outage for the GN within 3 years..

  15. Posted by ukiuqtaqtumiu on

    so with all the hacking going around,election was in it’s place,now the ballots for municipal and fedral elections where counted through .This past 10 years or so we where notified ballots will be counted trough electronic system , and now we hear thery where counted by hand.?not sure if this is accurate but really,sonds like something fishy around here.

    • Posted by relax on

      Conspiracy theories aren’t healthy for you. Use your active mind to improve yourself and help those around you.

Join the Conversation

Your email address will not be published. Required fields are marked *

*


Protected with IP Blacklist CloudIP Blacklist Cloud