A woman types on her laptop in Miami in a Monday, Dec. 12, 2016, photo illustration. An investigation into a scourge of NetWalker ransomware attacks has led to the arrest of a Canadian man, the U.S. Department of Justice said on Wednesday. According to an indictment, police in Florida charged Sebastien Vachon-Desjardins of Gatineau, Que., with illegally obtaining more than $27.6 million. THE CANADIAN PRESS/AP/Wilfredo Lee

A woman types on her laptop in Miami in a Monday, Dec. 12, 2016, photo illustration. An investigation into a scourge of NetWalker ransomware attacks has led to the arrest of a Canadian man, the U.S. Department of Justice said on Wednesday. According to an indictment, police in Florida charged Sebastien Vachon-Desjardins of Gatineau, Que., with illegally obtaining more than $27.6 million. THE CANADIAN PRESS/AP/Wilfredo Lee

Canadian man charged in U.S. with NetWalker ransomware attacks

The ransomware, like similar malware, often infiltrates computer networks via phishing emails

An investigation into a scourge of NetWalker ransomware attacks has led to the arrest of a Canadian man, the U.S. Department of Justice said on Wednesday.

According to an indictment, police in Florida charged Sebastien Vachon-Desjardins of Gatineau, Que., with illegally obtaining more than $27.6 million.

The accused is alleged to be part of a shadowy group of cyber criminals who have attacked several targets in Canada, including the College of Nurses of Ontario, a Canadian Tire store in B.C., and the Northwest Territories Power Corporation.

“Ransomware victims should know that coming forward to law enforcement as soon as possible after an attack can lead to significant results like those achieved in today’s multi-faceted operation,” Nicholas McQuaid, an acting assistant attorney general with the Justice Department, said in a statement.

U.S. authorities said they had seized about US$455,000 in cryptocurrency from ransom payments in three separate attacks. They also said authorities in Bulgaria had disabled a “dark web” resource used to communicate with NetWalker ransomware victims.

NetWalker operates as a so-called ransomware-as-a-service model, featuring “developers” and “affiliates,” who split the proceeds of any ransom paid. Experts say NetWalker attacks really took off last March as the criminals exploited fears of COVID-19 and people working remotely.

The ransomware, like similar malware, often infiltrates computer networks via phishing emails. Such messages masquerade as genuine, prompting users to provide log-in information or inadvertently download malware.

Earlier ransomware attacks focused on encrypting a target’s files — putting them and even backups out of reach. Increasingly, attackers also threaten to publish sensitive data stolen during the time spent inside an exploited network before encryption and detection.

Once a victim’s computer network is compromised and the data encrypted and downloaded, the NetWalker criminals demand money to return system access. If victims refuse, they might never regain their data or, more frequently now, the information is made public.

NetWalker ransomware has impacted numerous victims, including companies, municipalities, hospitals, law enforcement, emergency services, school districts, colleges and universities. Recent attacks have specifically targeted the health-care sector during the COVID-19 pandemic, taking advantage of the global crisis to extort victims.

Brett Callow, a Vancouver Island-based threat analyst with cybersecurity firm, Emsisoft, said the group had made millions. In one case last year, they extorted $1.4 million from a California university.

Police urged any victims to contact law enforcement right away.

“This case illustrates the FBI’s capabilities and global partnerships in tracking ransomware attackers, unmasking them, and holding them accountable,” Special Agent Michael McPherson, with the FBI’s field office in Tampa, Fla., said.

Colin Perkel, The Canadian Press

hackers

Get local stories you won't find anywhere else right to your inbox.
Sign up here

Just Posted

Friends have identified the man killed in Friday’s shooting in Metchosin as Shane Wilson. (Shane Wilson/Facebook)
West Shore RCMP continue to investigate shooting death in Metchosin

Man killed on Sooke Road Friday night identified by friends

Fire Chief Darren Hughes, right, pulls the old Firemans Park sign off ahead of the parks name change. The new sign for Firefighters Park is coming. (Oak Bay Fire Department Twitter)
Oak Bay changes the name of Fireman’s Park

New sign for Firefighter’s Park on the way

The WHL’s Victoria Royals will compete in a 24-game season starting March 26, <strong></strong>based out of a Kamloops and Kelowna B.C. division bubble (Kevin Light/Courtesy Victoria Royals)
‘Important to cherish every moment’: Victoria Royals not taking bubble season for granted

The Victoria WHL team’s coach and GM calls the season a ‘privilege,’ expects fierce rivalries

The Victoria Fire Department was able to contain a fire to one room after a bed placed directly against a heater ignited. (Black Press Media file photo)
Early morning Victoria balcony fire causes $20,000 in damages

Victoria Fire Department said nobody was injured in the fire on View Street

Postmark Group, an Edmonton-based development firm, bought two properties at 6641 and 6643 Sooke Rd. last year, and is reaching out to the community and local groups for feedback before they begin planning the designs for the development. (Photo contributed/Postmark Group)
Waterfront village development eyed for Sooke

Postmark Group development firm bought two properties at 6641 and 6643 Sooke Rd. last year

Const. Nancy Saggar, who has 11 years in policing, offers advice for other women who may pursue both policing and family. (Black Press Media file photo)
Pregnancy prompts sage advice from RCMP officer for women thinking about policing

West Shore constable with 11 years experience heads off on maternity leave

(BC SPCA)
Is it safe to give your dog some peanut butter? Not always, BC SPCA warns

Some commercial peanut butter ingredients can be harmful to dogs

Anyone with information is asked to call Nanaimo RCMP at 250-754-2345 or contact Crime Stoppers by calling 1-800-222-8477 or submitting a tip online at www.nanaimocrimestoppers.com.
21-year-old motorbike rider dies after crash with ATV on Nanaimo back road

Incident happened Sunday afternoon near Boomerang Lake

Rising accident rates and payout costs have contributed to billion-dollar deficits at ICBC. (Comox Valley Record)
B.C. appealing decision keeping ICBC injury cases in court

David Eby vows to ‘clip wings’ of personal injury lawyers

Provincial health officer Dr. Bonnie Henry and Health Minister Adrian Dix provide a regular update on the COVID-19 situation, B.C. legislature, March 2, 2020. (B.C. government)
B.C.’s COVID-19 cases: 545 Saturday, 532 Sunday, 385 Monday

Focus on Prince Rupert, Lower Mainland large workplaces

A special committee has been appointed to look at reforming B.C.’s police act and is inviting the public to make submissions until April 30, 2021. (Black Press media file)
Have thoughts on B.C.’s review of the provincial Police Act?

Submissions will be accepted until April 30

Cottonwoods Care Home in Kelowna. (Google Maps)
New COVID-19 outbreak at Kelowna care home includes fully vaccinated seniors: Henry

Two staff and 10 residents tested positive at Cottonwoods Care Centre

Excerpts from a conversation between Bria Fisher and the fake truLOCAL job. Fisher had signed a job agreement and was prepared to start work for what she thought was truLOCAL before she learned it was a scam. (Contributed)
B.C. woman warning others after losing $3,000 in job scam

Bria Fisher was hired by what she thought was a Canadian company, only to be out thousands

Most Read