Saskatchewan government says it’s using all available tools to deal with the problem.Reuters
The Saskatchewan government says it has been hit with a cyberattack, but one expert suspects it's unrelated to the malware that has sought to extort money from companies, government agencies and other organizations around the world in recent days.
The province said Monday its network was flooded with traffic on the weekend that caused a two-hour outage on the Saskatchewan.ca website and other system-related issues.
"Our security team is still assessing the situation to calculate exactly where this is coming from and what the nature of the attack is," Richard Murray, deputy minister of Central Services, said in Regina.
Opinion: Will cyberattacks continue to get worse?
He said it has not been determined whether it's related to the rash of ransomware sweeping the globe.
Malware dubbed WannaCry for the WannaCrypt software used to execute it has affected an estimated 300,000 machines in 150 countries since Friday.
A Toronto-area hospital said Saturday it appeared ransomware threatened its computer system, but it was able to deflect the attack.
The most common way to spread the malware is by sending download links by email. It works by seizing control of a computer and making its files inaccessible to users. Victims are told they must pay a ransom to get their files back.
Murray said the Saskatchewan government has not received a ransom demand so far.
"We haven't had to deal with that yet and I hope we don't have to," he said. "We have all of our data backed up and ... we could always go back to our backups and restore systems from an earlier date if we have to."
The attack against the Saskatchewan government appears to be a distributed-denial-of-service — or DDoS — attack, said Eric Jardine, a senior fellow at the Centre for International Governance Innovation based in Waterloo, Ont.
Whoever is behind the WannaCry attacks is out to make money, suggested Jardine, who also teaches political science at Virginia Polytechnic Institute and State University.
"To change that tactic all of a sudden and to target a government with a distributed-denial-of-service attack seems like a weird shift, so I suspect they aren't related," he said.
"I suspect it's just two separate things that both happened to involve computers."
Jardine said it's relatively easy to mount a DDoS attack. Sometimes the motives are political, but often the culprits are just out to cause mischief.
On Monday afternoon, all of the Saskatchewan government's systems were running.
Murray said he's unaware of any data that has been breached and no personal information has been compromised.
His ministry oversees information technology for provincial government ministries, but health records are housed elsewhere and would not have been affected by the attack.
Murray said the provincial government has encountered DDoS attacks in the past — but not like this.
"This one seems to be an unprecedented volume of traffic," he said.
"We turn away hundreds of thousands of attacks. We have hundreds of thousands of emails that pour in for ransomware, for spam, for malware, all the time. It's a continuing effort to turn away attacks."