Skip to main content

The consequences of the attack, perpetrated by a group of unknown hackers, are rippling through the northern territory.

Paul Chiasson/The Canadian Press

A “ransomware” attack that knocked out government services in Nunavut this week should serve as a wake-up call about a threat faced by small governments, observers say.

The consequences of the attack, perpetrated by a group of unknown hackers, are rippling through the northern territory, affecting 38,000 people spread out across a land mass the size of Mexico.

Makeshift food vouchers are circulating in lieu of income-support payments. Schools are without internet access. Telehealth medical appointments are being cancelled. And no one can say when government services will be fully restored.

Story continues below advertisement

Experts say that such outcomes are increasingly the point. Ransomware doesn’t steal or destroy data, but encrypts it. The records remain scrambled until they are unlocked with a cryptographic key.

But the key is held by the hackers who deployed the malware, and who count on panicked targets’ willingness to pay. The ransoms are demanded in cryptocurrency transactions that cannot be traced by authorities.

Officials in Nunavut say they have no plans to pay off anyone, because they backed up their data in systems that they are now − very cautiously – booting up. “We have multitiered backups, using different technologies,” said Dean Wells, the territory’s chief information officer.

Such malware is making millions for its creators as they shake down corporations and civil services around the world, said Adam Meyers, vice-president of intelligence at California-based CrowdStrike. The company earlier this year publicly identified the specific ransomware – “Doppelpaymer” – that is now affecting Nunavut.

The hackers “look for organizations and targets that have some sort of critical need to be up and running –that’s how they can up the pressure to pay the ransom," Mr. Meyers said.

Hackers are increasingly targeting institutions, and not individuals, he said. "Large corporations, state governments, local governments and school districts, they have all got operating capital and have a lot more than 300 or 400 bucks on them.”

After the attack was launched on Nunavut this past weekend, one of its most immediate effects was to block government payments from being deposited into bank accounts. The territorial government says that 14,000 of its 38,000 residents are on some form of income support.

Story continues below advertisement

Food vouchers were printed by the government as a stopgap, but that rollout was delayed in some places. For example, in the Belcher Islands hamlet of Sanikiluaq, officials had to devise different kinds of chits that could be cashed in for groceries. “They’ve actually worked out a deal with the local stores ... and I understand they’re also using the fax machine,” Nunavut MLA Allan Rumbolt said in an interview early this week.

Some of his constituents have no financial flexibility, he said. “By the time the time comes for your income support, which is once a month, you’re down and out, you don’t have any dollars.”

The territory’s chief information officer says the government computer systems he controls have an outsized effect on people’s lives. “The territory spans over nearly two million square kilometres, 25 remote communities and there are no terrestrial links, either cable or roads,” Mr. Wells said in an interview.

He said Nunavut has been getting cybersecurity advice from the federal government, both before and after the attack.

The new federal Canadian Centre for Cyber Security has “been in contact with the government of Nunavut,” a spokesperson said. “The Cyber Centre continues to monitor new forms of ransomware, and shares tips and information with partners across Canada to help mitigate risks.”

Early this year, the city of Stratford, Ont. − with a population of 31,000 – said it paid a ransom for its data. “The City paid a total of 10 Bitcoins, which were valued at $7,509.13 each at the time, for a total payment of $75,091.30," the city said in a statement.

Story continues below advertisement

Police rarely catch ransomware gangs, according to David Masson, the Canadian representative of Darktrace, a cybersecurity firm.

“If the bad guys have done their homework, they would realize that ‘If we hit this provincial government or if we could hit this municipality, you know we could do quite a bit of damage,' ” he said.

Report an error Editorial code of conduct
Due to technical reasons, we have temporarily removed commenting from our articles. We hope to have this fixed soon. Thank you for your patience. If you are looking to give feedback on our new site, please send it along to feedback@globeandmail.com. If you want to write a letter to the editor, please forward to letters@globeandmail.com.

Welcome to The Globe and Mail’s comment community. This is a space where subscribers can engage with each other and Globe staff. Non-subscribers can read and sort comments but will not be able to engage with them in any way. Click here to subscribe.

If you would like to write a letter to the editor, please forward it to letters@globeandmail.com. Readers can also interact with The Globe on Facebook and Twitter .

Welcome to The Globe and Mail’s comment community. This is a space where subscribers can engage with each other and Globe staff. Non-subscribers can read and sort comments but will not be able to engage with them in any way. Click here to subscribe.

If you would like to write a letter to the editor, please forward it to letters@globeandmail.com. Readers can also interact with The Globe on Facebook and Twitter .

Welcome to The Globe and Mail’s comment community. This is a space where subscribers can engage with each other and Globe staff.

We aim to create a safe and valuable space for discussion and debate. That means:

  • Treat others as you wish to be treated
  • Criticize ideas, not people
  • Stay on topic
  • Avoid the use of toxic and offensive language
  • Flag bad behaviour

Comments that violate our community guidelines will be removed.

Read our community guidelines here

Discussion loading ...

Cannabis pro newsletter
To view this site properly, enable cookies in your browser. Read our privacy policy to learn more.
How to enable cookies