Delta cybercop Europe-bound in hunt for ransomware attacker

0
191


A Delta police officer will be charting new territory when he heads overseas this month to join European counterparts attempting to crack a cybercrime case.

Const. Dustin Classen, with the DPD cybercrime unit, will be meeting in the Hauge, Netherlands, with a team from Europol who is chasing the same suspect.

“Because the cybercriminals are so internationally based, we don’t really know where they are,” Classen said.

Read more:

Tips to protect against ransomware attacks

What police do know is this: Earlier this year, a malicious actor was able to exploit a weakness in Microsoft Exchange to get into a mid-sized Delta business’s network. They were then able to encrypt it, locking the owners out in what’s known as a ransomware attack.

Story continues below advertisement

A demand was made for payment to unlock the network but the business restored its system from backups and went to the police.


Click to play video: 'Cyber criminals increasingly attacking critical Canadian infrastructure'







Cyber criminals increasingly attacking critical Canadian infrastructure


Cyber criminals increasingly attacking critical Canadian infrastructure

Classen said investigators were able to collect “digital fingerprints” from data in the hack, and shared them with counterparts at Europol, the European Union’s police agency. Investigators in Europe were able to link those identifiers to attacks in several European countries.

“Now we have another agency that has a whole different set of circumstances. If we can connect with them, and pool our resources, maybe we can put the pieces of the puzzle together and figure out who it is,” he said.

Read more:

Canadian spy agency targeted foreign hackers to ‘impose a cost’ for cybercrime

It’s a big step for Delta’s small cybercrime unit, which Classen said has doubled in size in recent years.

Story continues below advertisement

Ransomware attacks have become a growing threat in recent years. TransLink, Vancouver Coastal Health, and a third-party service provider for BC Cancer were all targeted by such attacks in the last two years alone.

In fact, a recent survey by the Angus Reid Institute for Palo Alto Networks found that 55 per cent of IT decision-makers reported their organization had been hit with a ransomware attack. One in five said they’d been attacked more than once.


Click to play video: 'World’s largest meat supplier back online after ransomware attack forces US operations to halt'







World’s largest meat supplier back online after ransomware attack forces US operations to halt


World’s largest meat supplier back online after ransomware attack forces US operations to halt – Jun 2, 2021

The consequences can be costly: the average ransom demanded was nearly $450,000.

Classen said the Delta attack was a potent reminder of the value of keeping security up to date. The Microsoft Exchange weakness the attackers exploited was actually the subject of a security patch the software company had released, which Classen said may have been how the hackers found their target.

Story continues below advertisement

Read more:

Canadian health, energy sectors increasingly targeted by ransomware attacks

“If you don’t implement those patches or implement them correctly — what was happening is the bad actors or cybercriminals were scanning the network looking for vulnerable servers.”

While ransomware attacks are a big problem for businesses, Classen said his unit has been even busier dealing with a wave of “cyber-enabled” crime targeting individuals.


Click to play video: 'Some services restored after TransLink ransomware attack'







Some services restored after TransLink ransomware attack


Some services restored after TransLink ransomware attack – Dec 4, 2020

The most popular scam at present, he said, are bogus cryptocurrency “investing” opportunities.

Attackers set up fraudulent investment sites, then hunt their targets over social media or dating sites, promising low-risk quick returns.

“A lot of people really don’t understand cryptocurrency,” he said.

Story continues below advertisement

Read more:

‘Epidemic of cybercrime’ underway in midst of pandemic: Security expert

“And so when somebody comes out of the blue and says look, you can make a lot of money doing this and I can show you how and they’re friendly … I can see how people would fall into that scheme.”

Delta police are hoping that Classen’s trip to meet with veteran European cybersleuths will pay off in new skills and capacity for the unit in battling the wave of cyberattacks on both businesses and individuals back home.

It’s a big deal for us in Delta. I don’t think we’ve ever partaken in such an international effort,” he said.

“We’re a pretty small municipal department, but we are making pretty good strides in our cybercrime unit.”








Source link

LEAVE A REPLY

Please enter your comment!
Please enter your name here