Canadian Military Contractor Hit By Ransomware

The threat presented by ransomware continues to be evidenced in 2020 after an attack on a major Canadian defence contractor Bird Construction.

The Canadian construction firm that provides service for the Canadian military was apparently attacked by cyberattackers MAZE in December 2019, according to Infosecurity magazine.

Earlier this week cybersecurity firm FireEye warned attackers were attempting to use a recently patched critical Citrix bug to infect organisations with ransomware,

Data theft

Toronto-based Bird apparently had signed 48 contracts worth $406m with Canada’s Department of National Defense between 2006 and 2015, Infosec magazine reported.

And despite the reported theft of 60GB of data, which was said to include personal information on Bird staff, as well as data about a firm that Bird has also worked with on a number of projects, Bird claimed that the attack had no business impact.

“Bird Construction responded to a cyber incident that resulted in the encryption of company files,” it wrote in an email to the Canadian Broadcasting Corporation (CBC). “Bird continued to function with no business impact, and we worked with leading cyber security experts to restore access to the affected files.”

There is no word on whether Bird paid a ransom to the Maze attackers.

But at least one security expert highlighted that the danger of ransomware (other than crippling computer systems) is the risk of data theft.

“The ransomware attack on Bird, a Canadian construction company that services the military and government, highlights the duplicitous nature of ransomware attacks,” said Stuart Reed, VP cyber at Nominet.

“Firstly, there is the disruption to business operation as systems are taken offline and, secondly, there is the data exfiltration,” said Reed. “In this case, Bird should be commended for continuing to function with no business impact but unfortunately it did have data exposed that contained personal employee data and information relating to a partner company, Suncor Energy.”

“Above all, this latest attack demonstrates the complexity of managing the security of supply chains,” said Reed. “While it is important that businesses have a holistic approach to their own security it is also vital that they scrutinise their suppliers to ensure the same standards of security are adhered to.”

“It is also important to maintain a layered approach to cyber, utilising the network, for example, to identify potential threats and data theft as early as possible to be able to put appropriate measures in place to mitigate risk and damage,” Reed concluded.

Do you know all about security? Try our quiz!

a

Tom Jowitt

Tom Jowitt is a leading British tech freelancer and long standing contributor to Silicon UK. He is also a bit of a Lord of the Rings nut...

Recent Posts

Craig Wright Sentenced For Contempt Of Court

Suspended prison sentence for Craig Wright for “flagrant breach” of court order, after his false…

2 days ago

El Salvador To Sell Or Discontinue Bitcoin Wallet, After IMF Deal

Cash-strapped south American country agrees to sell or discontinue its national Bitcoin wallet after signing…

2 days ago

UK’s ICO Labels Google ‘Irresponsible’ For Tracking Change

Google's change will allow advertisers to track customers' digital “fingerprints”, but UK data protection watchdog…

2 days ago

EU Publishes iOS Interoperability Plans

European Commission publishes preliminary instructions to Apple on how to open up iOS to rivals,…

3 days ago

Momeni Convicted In Bob Lee Murder

San Francisco jury finds Nima Momeni guilty of second-degree murder of Cash App founder Bob…

3 days ago