This article is more than 1 year old
Ransomware freezes govt IT in Canadian territory of Nunavut, drops citizens right Inuit
As US picks up its game, scumbags seek new targets
A malware infection has crippled the IT operations in the remote Canadian territory of Nunavut.
An alert from the provincial government on Monday says that "all government services requiring access to electronic information" are being impacted by what they describe as a "new and sophisticated" infection.
"Essential services will not be impacted and the [government of Nunavik] will continue to operate while we work through this issue," Premier Joe Savikataaq said. "There will likely be some delays as we get back online, and I thank everyone for their patience and understanding."
Fully recovering from the infection could be tricky for Nunavut, a remote area that covers much of the northernmost portions of Canada. The territory covers an area of more than 1.9 million square kilometers, but has a population of around 36,000 people.
While the government did not say exactly which infection had crippled its IT infrastructure, a CBC report showed a copy of a ransom note that appears to be identical to that of the Dridex malware's DoppelPaymer ransomware module.
The infection could also be a sign of a larger trend from ransomware operators towards targeting smaller countries and governments.
According to Emsisoft, an AV biz that has been tracking attacks on US state and local governments, reported ransomware outbreaks stateside have been falling over the last few months, from a high point of 44 in July to 24 in each of August and September to 16 incidents in October.
The theory is that, as municipal and state governments in the US wise up and improve their security, hackers have opted to go international in search of softer targets.
"US entities are on very high alert, bolstering their IT and so are less likely to be comprised," the security biz said in a note to The Register.
"Because of this, big game hunters are increasingly looking for opportunities in the other countries."
Meanwhile, Nunavut has some company in Spanish media company Cadena SER, who this week was revealed by Spain's National Security Department to be one of a group of local companies to fall victim to a ransomware outbreak in that region. ®
Biting the hand that feeds IT
