The Montreal health agency and transport system close their operations after a ransomware attack. Hackers demand millions of dollars

The Canadian government faces a severe computer security crisis after it was confirmed that the transportation system and a health agency in Montreal were affected by a ransomware attack.

The transport system incident occurred on October 19, when criminals attacked Société de Transport de Montreal (STM) systems to disable their website, demanding a payment of nearly $3 million to restore systems to normal. Apparently the STM refused to pay the ransom to the hackers. Cybercriminals may have used a phishing email to gain access to the STM network during the attack, although the investigation into this incident is still ongoing.

La imagen tiene un atributo ALT vacío; su nombre de archivo es ransom0311202001.jpg

On the other hand Christian Dube, the city’s health minister, mentions that CIUSSS du Centre-Ouest-de-l’Île-de-Montreal, the affected medical agency, had to disconnect its systems while the authorities conduct the relevant investigation in collaboration with cybersecurity specialists: “Our teams detected the infection quickly, so we shut down multiple systems to prevent further damage,” Dube says.

Unlike the incident at STM, investigators believe the attack on the medical agency could be part of a broader campaign, although the identification of other incidents that are part of the same attack campaign has not been recognized. However, the FBI launched an alert in conjunction with the Canadian government warning of a possible cyberattack campaign against the medical industry in both countries.

La imagen tiene un atributo ALT vacío; su nombre de archivo es ransom0311202002.jpg

Authorities believe that malicious hackers could be attacking the medical systems of both countries with ransomware infections in order to interrupt their operations completely and force ransom payment.

The strangest part is that a ransom demand has not been filed: “We are going through a fairly rigorous process to try to get to the bottom of what we have found, eliminate it and get back online,” said Dr. Lawrence Rosenberg, director of the health agency, adding that the work could take up to a week.

Cybersecurity expert Steve Waterhouse believes these attacks come from threats in the United States, so he predicts that more Canadian medical agencies could be attacked by hackers in the coming days. In addition, Waterhouse points to how often these attacks occur, scenarios that can be originated with a simple phishing email.