The Federation of Sovereign Indigenous Nations in Canada recently paid a ransomware hacker $20,000 in bitcoins.
Computers are a tremendous boon to modern life. For most local governments, they offer a great way to store and easily access a wide range of documents, not to mention allowing internal communication. Such ease of use comes with a price as criminals seek to exploit any security lapses in order to hold files for ransom. The Federation of Sovereign Indigenous Nations (FSIN) in Canada found this out the hard way and eventually paid a hacker $20,000 in bitcoins due to a ransomware attack.
Initial Ransomware Attack Goes Unnoticed
Anonymous sources within the Federation of Sovereign Indigenous Nations contacted CBC News and told them about the ransomware attack. Apparently, the computer network of the FSIN was breached earlier this year, allowing the hacker to gain control of the email system and internal files of the FSIN.
A wide range of data was stolen, including internal land claims and files on young athletes. The staff and executive of the FSIN had their health claims, treaty card numbers, and social insurance information stolen as well.
The hack was not noticed for some time, but the hacker eventually contacted a staff member in May, demanding a ransom of $100,000 to get the information back.
Hacker Paid Off
According to the sources, various chiefs and other individuals that make up the FSIN treasury board and audit committee got together to discuss the issue. Various options were debated, such as contacting the police, issuing a public statement, and contacting the individuals who had their personal information stolen. Apparently, none of those options were chosen.
Instead, the FSIN began to negotiate with the hacker. They were able to eventually whittle down the demand of $100,000 to $20,000 in bitcoins. So far, the FSIN has remained tight-lipped about the matter, but it appears that they have now hired a company specializing in cybersecurity.
Hacking Proving Profitable
The Federation of Sovereign Indigenous Nations is just the latest victim to join the sad fraternity of those hit with a ransomware attack. The small Canadian town of Midland recently had their computer systems shut down for 48 hours due to a hack. The town decided it was quicker and cheaper to pay off the hacker in order to get their systems back online.
Even major organizations are being hit with such hacking attacks. The PGA was hit with such an attack right before the PGA Championship. Important files were locked away, but the golf association decided not to pay the ransom.
The reality is that such hacks will continue as long as they are profitable. Being able to launch an attack from across the world puts a major hurdle in front of law enforcement, and the use of cryptocurrency allows for ransom payments to be paid globally. Countries like North Korea and Iran are using such cyber attacks to generate revenue, and security researchers have noted that a new ransomware, Ryuk, netted its users a cool $640,000 in just two weeks.
Have you ever been impacted by a ransomware attack? Let us know in the comments below.
Images courtesy of Shutterstock.