Police joined world ransomware investigation after Saskatoon agency hit

Breadcrumb Trail Links

Some notable updates from Thursday’s police board meeting.

Author of the article:

Thia James Peoples Party of Canada Leader Maxime Bernier speaks with supporters at their election night rally at the Saskatoon Inn. Peoples Party of Canada Leader Maxime Bernier speaks with supporters at their election night rally at the Saskatoon Inn. Photo by Michelle Berg /Saskatoon StarPhoenix

Article content

Some notable updates from Thursday’s police board meeting:

Article content

OPERATION GOLDDUST

Saskatoon Police Chief Troy Cooper told the board local officers played a small role in a global cybercrime investigation, noting how complicated such investigations can be.

Operation GoldDust, an international probe into cyber attacks deploying Sodinokibi/REvil ransomware, was coordinated by Europol, and involved 17 countries and international agencies such as INTERPOL. It began in 2019 after several corporations were targeted, and led to the arrests of seven people in Romania, Poland, South Korea and Kuwait.

Saskatoon police became involved in August 2020 when an unnamed local engineering and security company was hit with a ransomware attack, police said in an email.

The company found its computer and network encrypted and inaccessible. It was asked to pay a ransom in exchange for decryption keys to access the encrypted files.

The Saskatoon police technological crimes unit worked with the company and was able to preserve, isolate and gather digital evidence to help identify the source of the attack.

“With the local company’s cooperation, the SPS was able to analyze and investigate the security breach and successfully contribute to Operation GoldDust, and the takedown of the Sodinokibi/REvil Ransomware family,” police said in the email.

The ransomware family — an organized crime operation — is believed to be responsible for at least 7,000 cyber attacks and demands for hundreds of millions of euros in ransom.

Article content

Cooper said about 600 of the ransomware infections were in Canada.

“I mention this case just simply because given the global and highly technical nature of cybercrime investigations, these files are extremely challenging. Our small part in this success is still worth celebrating for sure,” Cooper said.

Police encourage any organization in the community that has been a victim of ransomware to contact law enforcement.

Peoples Party of Canada supporters attend a rally at the Saskatoon Inn on election night. Peoples Party of Canada supporters attend a rally at the Saskatoon Inn on election night. Photo by Michelle Berg /Saskatoon StarPhoenix

MORE TICKETS TO COME FOR PPC ELECTION NIGHT EVENT

To date, Saskatoon police have issued 20 tickets for alleged violations of the public health order for indoor public masking since the new order came into effect on Sept. 17.

Police said at least four tickets are pending in connection with the Sept. 20 election night event held by the People’s Party of Canada at the Saskatoon Inn. In an email, police said the delay is due primarily to “jurisdictional service issues” and help has been requested from other police agencies to serve the tickets.

The event, which featured PPC Leader Maxime Bernier, was televised nationally. Images published and broadcast from the event showed many attendees not wearing masks.

After the gathering, police said they believed the situation would escalate if they shut it down that night.

Cooper said police continue to support public health inspectors and the COVID enforcement team as a secondary support, and the city police role is to address cases where there is a disturbance, refusal to comply or some component of potential violence.

Comments are closed.