Quebec’s largest agricultural company, Sollio Groupe coopératif, suffered a ransomware attack on November 7. The cyber hackers are threatening to publish the mass of data they have stolen in three days.
Sollio, formerly La Coop fédérée, thus becomes the largest business victim of a cyberattack in Quebec in 2020.
The giant owns the Groupe BMR hardware store and a large farmer services division. He also controls meat producer Olymel, also the victim of a cyberattack in October.
Sollio is still working on restarting his systems and has filed a complaint with the Montreal police.
“We have an investigation underway,” said Stéphane Forget, senior vice-president of corporate affairs, in an interview with our Investigation Office. We are following a critical path to rebuild and restart our systems. “
Multiple servers affected
The group refuses to say what proportion of its servers are affected, but the hackers attacked both the network of the head office and that of the agricultural division and cooperatives members of Sollio.
The attack disrupted transactions on the site, such as grain purchases, which must be done manually at this time.
“We want to ensure that the system is secure before putting it back into operation,” explains the vice-president.
At this point, Sollio refuses to say if she has seen a ransom demand.
NetWalker is known to “rent” its technology to other cybercriminals. The gang then hosts the data stolen by its clients on the hidden web (dark web) to extort and convince targets to pay.
“They are responsible for ‘talking’ with the infiltrated victims,” says Damien Bancal, head of cyber intelligence at 8Brains.
In principle, NetWalker publishes the data when its victims refuse to pay the requested ransom or when they do not contact it.
NetWalker has taken an impressive toll since the gang started cracking down in August 2019.
Only between March and July, in the midst of a pandemic, he would have extorted from his victims no less than US $ 25 million, according to a study by the antivirus company McAfee.
Among his victims are:
- University of California San Francisco
The establishment, which is working on a vaccine against COVID-19, agreed to pay a ransom of US $ 1.14 million after tough negotiations with NetWalker, which attacked it on 1er June, according to the BBC.
The Terrebonne firm paid a ransom after an attack by NetWalker on 1er September. Xpertdoc wanted in particular to make sure to destroy data on police officers.
Our Bureau of Investigation revealed on Saturday that NetWalker also targeted Goodfelow, a publicly listed Delson lumber producer. The criminals have published medical information on its employees, including blood tests carried out to detect drugs in the blood of job applicants.
If you have any information on cybersecurity, contact our journalist in complete confidentiality at 438 396-5546 (Signal, cell.) Or at email@example.com