Skip to main content

This file photo taken on November 3, 2016 in Rennes shows a screen viruses list at the LHS (High Security Laboratory) of the INRIA (National Institute for Research in Computer Science and Automation). A major wave of cyberattacks hits dozens of countries around the world on May 12, 2017, affecting hospitals, telecoms companies, government departments and other organisations

DAMIEN MEYER/AFP/Getty Images

Canada is not immune to online extortion, despite apparently sidestepping a massive attack that temporarily crippled networks around the world, a cybersecurity expert said.

Atty Mashatan, a professor at Ryerson University's School of Information Technology Management, said it was nothing more than a fluke that Canada appears to have been largely spared from Friday's ransomware attack that disrupted services in Russia, the U.K., Ukraine, Spain and India.

Attacks like this one, dubbed "WannaCry" for the "WannaCrypt" technology used to execute it, happen when a type of software seizes control of a computer, encrypting its contents and rendering them inaccessible.

Story continues below advertisement

"The vehicle that the malware going from one device to the other is spam. The most common way that they do that is via a link in an email," Mashatan said. "It looks as if it's from someone you know, in your contacts. You click on it, and bingo. The actual malware, the file, is downloaded."

The perpetrators then demand hundreds or thousands of dollars to unlock the victims' computers — essentially holding the documents, photos and other items on the computer for ransom.

"This one wasn't really a targeted attack at all," Mashatan said. "They usually run this campaign and hope to infect as many devices as they can."

"This time around we were lucky," she said. "There's so many people who are emailing one another within the U.K., whereas the traffic between the U.K. and Canada is not as much."

But if the wrong person had clicked on an infected link, they could have spread the ransomware to Canada.

A hospital in Oshawa, Ont. said Saturday it appeared the ransomware threatened its computer system, but a spokesman for Lakeridge Health said the facility's system was able to deflect the attack.

"Our antivirus software contained the attack and so while we've had to reset some of our systems we weren't affected in the same way that other places were," said Lloyd Rang, in an interview Saturday.

Story continues below advertisement

"Patient care wasn't affected and neither were any medical records or health records breached in any way."

Computer users worldwide — and everyone else who depends on them — should assume that the next big "ransomware" attack has already been launched, and just hasn't manifested itself yet, Ori Eisen, who founded the Trusona cybersecurity firm, told The Associated Press.

The attack appears to be "low-level" stuff, given the amounts of ransom demanded, Eisen said Saturday.

He said the same thing could be done to crucial infrastructure, like nuclear power plants, dams or railway systems.

A representative from Public Safety Canada said the Canadian Cyber Incident Response Centre is aware of the reported attacks, but made no mention on whether any Canadian users were affected.

The Communications Security Establishment, a Canadian intelligence agency, said in a statement Saturday that the federal government's computer networks do not appear to have been affected by the attack.

Story continues below advertisement

In the meantime, Mashatan said it's important for everyday people to remain vigilant to prevent these attacks from spreading.

She said people should keep their computers' operating systems up-to-date, because the latest updates often patch up security holes. People should also avoid clicking on suspicious links.

With a report from Associated Press

Report an error
Due to technical reasons, we have temporarily removed commenting from our articles. We hope to have this fixed soon. Thank you for your patience. If you are looking to give feedback on our new site, please send it along to feedback@globeandmail.com. If you want to write a letter to the editor, please forward to letters@globeandmail.com.

Welcome to The Globe and Mail’s comment community. This is a space where subscribers can engage with each other and Globe staff. Non-subscribers can read and sort comments but will not be able to engage with them in any way. Click here to subscribe.

If you would like to write a letter to the editor, please forward it to letters@globeandmail.com. Readers can also interact with The Globe on Facebook and Twitter .

Welcome to The Globe and Mail’s comment community. This is a space where subscribers can engage with each other and Globe staff. Non-subscribers can read and sort comments but will not be able to engage with them in any way. Click here to subscribe.

If you would like to write a letter to the editor, please forward it to letters@globeandmail.com. Readers can also interact with The Globe on Facebook and Twitter .

Welcome to The Globe and Mail’s comment community. This is a space where subscribers can engage with each other and Globe staff.

We aim to create a safe and valuable space for discussion and debate. That means:

  • Treat others as you wish to be treated
  • Criticize ideas, not people
  • Stay on topic
  • Avoid the use of toxic and offensive language
  • Flag bad behaviour

Comments that violate our community guidelines will be removed.

Read our community guidelines here

Discussion loading ...

Cannabis pro newsletter