Montreal electrical equipment distributor Guillevin International saw hundreds of its business documents end up online after a ransomware attack on September 12.
• Read also: Fraud $ 120,000 after a cyberattack
“This is what happens when you don’t pay,” says Luc Rodier, CEO of the company.
The hackers had left instructions for contacting them and knowing the ransom demanded, but Guillevin did not even contact them.
“It is out of the question for us to support a criminal organization”, insists the boss.
The attack bore the signature of the Maze platform. Since fall 2019, its mysterious users have turned ransomware into a real industry. Their recipe: publish the stolen data to victims who refuse to pay for it.
In all, Maze has targeted 328 organizations, according to the tally of Damien Bancal, head of cyber intelligence at 8Brains.
The gang announced at the end of October that it was ceasing its operations, but others have emerged that mimic its strategy.
Back to paper orders
Guillevin spent 12 days rebuilding his network, operating practically without computers, says Luc Rodier. Its staff had to order paper order pads, like in the 1980s.
“We assumed and acted as if there was sensitive information that had been published,” he said. Online, our Bureau of Investigation found mostly trade data. Nothing trivial, assures the CEO.
“There is sensitive information on our products, certain commercial agreements …”
Luc Rodier felt very lonely.
“These are large global criminal groups,” he says. Police forces don’t know what to do with it. “
For lack of a better solution, it relies on transparency.
“It’s a scourge. The more people are going to be aware that it exists, the better off we are as a society. “
Long list of victims
Dozens of public and private organizations have been victims of ransomware over the past year.
In October, the Société de transport de Montréal took almost two weeks to recover from an attack carried out using a program based on the RansomExx ransomware.
The Huron-Wendat Nation suffered a cyberattack by the Conti gang, which posted student files from a training center online.
Quebec Ministry of Justice
Hackers managed to steal emails from the ministry and send malware to citizens who contacted it, using the Emotet Trojan.
Fraudsters attacked online taxpayer records and obtained the passwords of 9,041 users in August.
The aircraft maintenance firm —- was attacked in late March by the Maze gang, who posted the stolen data online.
In the street
Hackers used Russian-born Zeppelin malware to attack the homeless organization, which paid a ransom.
At the end of October, the CIUSSS cut off its internet access after an attack, which coincided with a wave of cyber hacks in American hospitals using Ryuk ransomware, of Russian origin.
Medisys Health Group
This subsidiary of Telus paid a ransom to recover personal data on 60,000 customers, including police officers.
Xpertdoc Technologies inc.
The computer firm paid a ransom after a cyberattack on September 1 to destroy data on police officers.
Information on 134,079 people from the database of the professional association of accountants ended up on Russian hacker sites.
In July, the restaurant equipment distributor was also attacked by Maze, who released its banking documents.
City of Châteauguay
In March, hackers used Ryuk ransomware to cripple his network.