Massive cyberextortion attack could have affected Canada
TORONTO — Canada is not immune to online extortion, despite apparently sidestepping a massive attack that temporarily crippled networks around the world, a cybersecurity expert said.
Atty Mashatan, a professor at Ryerson University’s School of Information Technology Management, said it was nothing more than a fluke that Canada appears to have been spared from Friday’s ransomware attack that disrupted services in Russia, the United States, Ukraine, Spain and India.
Attacks such as this one, dubbed “WannaCry” for the “WannaCrypt” technology used to execute it, happen when a type of software seizes control of a computer, encrypting its contents and rendering them inaccessible.
“The vehicle that the malware going from one device to the other is spam. The most common way that they do that is via a link in an email,” Mashatan said. “It looks as if it’s from someone you know, in your contacts. You click on it, and bingo. The actual malware, the file, is downloaded.”
After the malware is downloaded, the perpetrators demand hundreds or thousands of dollars to unlock the victims’ computers — essentially holding the documents, photos and other items on the computer for ransom.
“This time around we were lucky,” Mashatan said. “There’s so many people who are emailing one another within the U.K., whereas the traffic between the U.K. and Canada is not as much.”
But if the wrong person had clicked on an infected link, they could have spread the ransomware to Canada.
A hospital in Oshawa said Saturday it appeared the ransomware threatened its computer system, but a spokesperson for Lakeridge Health said the facility’s system was able to deflect the attack.
“Patient care wasn’t affected and neither were any medical records or health records breached in any way,” Lloyd Rang said Saturday.