Ransomware continues to strike Canadian organizations directly or through their suppliers.
The federal government issued a cryptic statement Friday afternoon, saying that on March 14 it became “aware of a possible ransomware attack on a private company that provides services to international and Canadian clients, including to some federal departments and agencies.
“No cyber threat has been directed at the Government of Canada, nor its information technology infrastructure.”
The statement adds that the Treasury Board of Canada Secretariat, the federal Canadian Centre for Cyber Security and other government departments continue to monitor the situation. “Should any unauthorized disclosure be discovered, the government will engage those who have been impacted, as well as privacy and law enforcement authorities.”
Meanwhile on Wednesday, FortisOntario Inc., an electric utility that owns power companies in several communities, said it was also made aware on March 14 of a possible ransomware attack on a third-party contractor that prints bills and provides certain electronic billing services for customers.
This may refer to a March 12 ransomware attack suffered by an Ottawa-area company called R. E. Gilmore Investments Corp. That incident was only revealed Friday in a news release. The company offers commercial printing, supply chain, IT, and reproduction services to global clients.
“At this point, we are not aware of any personal information of our customers that has been inappropriately accessed,” the company said in a statement. It added that if personal information has been accessed, it would be limited to customer names, addresses, electrical consumption and other information on bills or used for electronic billing services.
“We can confirm that no additional customer information (such as banking information) was accessed during the cyber event.”
Part of Fortis Inc. a Newfoundland-based energy company, FortisOntario owns Canadian Niagara Power (which serves Fort Erie and Port Colborne), Eastern Ontario Power (which serves the Gananoque area), Algoma Power (serving the Sault St. Marie area), and Cornwall Electric (serving the area around Cornwall, Ont.).
Both the federal and the FortisOntario statements come after ransomware groups recently posted claims that they have victimized Canadian firms by copying their data before encrypting it. None of the claims have yet been confirmed by ITBusiness.ca. One is a Quebec-based e-commerce firm, another is a B.C.-based law firm, a third is a New Brunswick insurance broker, and another binds documents and whose clients might include a law firm.
Also on Friday, security company Emisoft issued its 2020 report on ransomware based on 506,185 ransomware incidents looked into by its researchers. It estimates that only 25 per cent of victims make a submission to Emsisoft or a new site called ID Ransomware where researchers can identify malware strains. That means the real number of incidents is probably much higher.