Ransomware attack hits international fisheries organization in Halifax

CBC

May 27, 2020 at 5:00 a.m.·4 min read

An international fisheries organization based in Halifax that previously had questions raised about its cybersecurity has been hit by a ransomware attack.

The Northwest Atlantic Fisheries Organization (NAFO) helps manage fish stocks in international waters in the northwest Atlantic for a dozen members, including Canada, the European Union and Russia.

The attack was disclosed on May 24 note to stakeholders.

"The NAFO servers have been compromised by ransomware and are currently unavailable. The NAFO Secretariat is working to resolve the issue. We will provide further details shortly," wrote Lisa LeFort, senior executive assistant to the executive secretary of NAFO.

The NAFO website has been down all week and a web-based data sharing program needed for an upcoming annual science meeting has not been restored either.

'It's certainly a word of warning,' says cybersecurity expert

In most ransomware cases, the target's data is encrypted by the attacker who then demands payment for a key to unlock the data.

It's unknown if this was a random bot attack or if NAFO was deliberately targeted.

"Either way, it's certainly a word of warning for any small organization with a presence on the web," said Mike Smit, a cybersecurity expert at Dalhousie University.

Smit said an attack like this is extremely awkward for small organizations, especially if they don't have a backup system for their data.

"You really face a difficult choice because the best thing for your organization is to get that data back and that might involve paying a ransom," Smit said.

"But from a community or social perspective, paying these attackers only encourages them to do it again and then to attack more people.

"And so it's really it is a dilemma to figure out. Do I need these files badly enough that I'm willing to pay this money? But [it's also] recognizing that the expense is more than just the money you pay."

A learning opportunity

Smit said it's unusual for an organization of this size to be targeted since bigger organizations tend to have deeper pockets.

Notifying stakeholders about the incident is the right response, he said.

"I think that for the moment, their most important course of action is to restore their operations and to work closely with their stakeholders to make sure that they're doing that," Smit said.

"But I think it would be really valuable to hear from them in the fullness of time about what happened because I think that other non-governmental organizations and small businesses could really learn from what happened to them."

NAFO is not discussing the incident.

"We have no comment at this time," Dayna Bell MacCallum, scientific information administrator, said in a brief response to CBC News.

2015 assessment raised cybersecurity questions

NAFO underwent an infrastructure security assessment by Deloitte in 2015, which raised questions about cybersecurity.

One of the recommendations was that NAFO considered implementing a "security information and event monitoring system that would either prevent, detect or warn of the presence of installed software."

The response was not encouraging.

"The NAFO secretariat noted that they did not think this was needed, and that it would be very expensive to implement and may require training. The Chair noted that it would be good to provide Contracting Parties with the potential costs for reference," the assessment read.

Ill-timed attacked

The server attack hit less than a week before an annual meeting that addresses total allowable catches, the science on specific species and other conservation advice to member countries.

The meeting, which takes place over a two-week period, generates hundreds of pages of documents that need to be updated.

This year, it was going to be carried out virtually.

Alternate meeting plan

"As a result of the recent security attack on the NAFO servers, SC SharePoint is still down with no certainty of it being restored before the end of this week," LeFort wrote this week.

"We are working on an alternative SharePoint to be hosted on an off-site server which we hope will be up and running in time for the start of our meeting.

"I hope I will have some positive news for you today, however, for the time being, we will need to use email to distribute relevant documents."

MORE TOP STORIES

Yahoo Canada Style
Sophie Grégoire Trudeau is leaning into the unknown for her next chapter: 'I'm OK with the uncertainty'
No question was off limits in Yahoo Canada's candid and emotional conversation with the "Closer Together" author.
2 days ago
Sacramento Bee
Ex-teacher had sex with her student on his 8th-grade graduation, California prosecutors say
The former Butte County teacher pleaded no contest Monday to the charges.
13 hours ago
HuffPost
How Toxic Is Trump? Republican Group's Hidden Camera Reveals Uncomfortable Truth.
The former president's behavior just doesn't fly out in the real world.
2 days ago
HuffPost
Lara Trump Alarms Critics With 'Frightening' Comment About RNC's Election Plans
"Sounds like a perfect authoritarian election plan to me," fascism expert Ruth Ben-Ghiat commented.
12 hours ago
People
Ex-Aide Says Melania Trump Will Be Watching 'Every Ounce' of Hush Money Trial — and Looking for 1 Thing
Stephanie Grisham, who served as chief of staff and press secretary to Melania, offered a window into her former boss's thinking as Donald's alleged affairs take center stage in the Manhattan trial
a day ago
ABC News
'So appalled': What witnesses told special counsel about Trump's handling of classified info while still president
In the summer of 2019, only hours after an Iranian rocket accidentally exploded at one of Iran's own launch sites, senior U.S. officials met with then-president Donald Trump and shared a sharply detailed, highly classified image of the blast's catastrophic aftermath. Worried that the image becoming public could hurt national security efforts, intelligence officials urged Trump to hold off until more knowledgeable experts were able to weigh in, the sources said.
7 hours ago
HuffPost
Donald Trump Will Hate What Mitt Romney Just Said About The Hush Money Trial
"So far as I know, you don't pay someone $130,000 not to have sex with you," the Utah senator remarked about the ex-president's payments to Stormy Daniels.
a day ago
INSIDER
I tried Gordon Ramsay's favorite 10-minute pasta and now I know why he makes it every week
Gordon Ramsay swears by this easy 10-minute pasta dish, which he said has become a "regular midweek family meal" in his house.
6 hours ago
INSIDER
Where Reena Virk's killers are now almost 30 years on from her murder that inspired 'Under the Bridge'
Hulu's "Under the Bridge" tells the story of the 1997 murder of Canadian teen Reena Virk. Here's where her killers, Warren Glowatski and Kelly Ellard, are now.
18 hours ago
People
'My Drink Tasted Funny': Pregnant Woman's Last Words Revealed After Alleged Fatal Poisoning by Boyfriend
Jade Benning died on her 25th birthday on March 6 after she was rushed to the hospital the week before
a day ago
The Daily Beast
How Putin’s Whirlwind Bromance Could End in a Kremlin Tragedy
Sputnik/Alexei Nikolsky/Kremlin via ReutersThe Kremlin is reportedly scrambling to find a successor to Ramzan Kadyrov following reports that the Chechen leader has been diagnosed with necrotizing pancreatitis, a terminal illness, according to Russian media reports.Kadyrov, also known as “Putin's attack dog” or “Putin’s soldier” for his loyalty to Russian President Vladimir Putin, has visited Moscow Central Clinical Hospital regularly through the years to undergo procedures. He was allegedly diag
a day ago
Hello!
Prince Louis' birthday photos all have this in common – did you notice?
Prince William and Princess Kate's son, Louis, celebrated his sixth birthday with a new photo - and Kate Middleton has a habit of including the same detail in the annual portrait
19 hours ago
People
Florida Man Runs Over 11-Foot Alligator with Truck to Save Neighbor from Attack
"We pulled over and I got out of the car and saw that an alligator had him by the leg," Walter Rudder recalled to a local news outlet about the scary incident
23 hours ago
The Daily Beast
‘Big Scandal’ Behind Russian Deputy Defense Minister’s Arrest
Moscow City Court Press Office/Handout via Reuters Russia’s deputy defense minister was arrested Wednesday just hours after attending a meeting of top military brass, according to federal investigators. Timur Ivanov is officially charged with accepting a massive bribe—but some sources say that’s just for show.“The bribe–that’s for the public. So far they don’t want to talk publicly about treason, it’s a big scandal. After all, it’s the deputy minister of defense,” one unnamed source close to the
18 hours ago
People
Kim Kardashian Reveals the Viral SKIMS Nipple Bra Was Modeled After Her Own Breasts
The bra was first released in October 2023
a day ago
HuffPost
Jesse Watters Self-Owns With Stunningly Clueless Take On Trump Foes
"The level of self-awareness here is in the deep negatives," one commenter wrote.
18 hours ago
The Daily Beast
Princess Beatrice’s Ex-Boyfriend Found Dead in Miami Hotel Room
John Chapple/ShutterstockPrincess Beatrice’s former boyfriend turned up dead in a Miami hotel earlier this year from a suspected drug overdose, Florida cops confirmed to The Daily Beast on Wednesday.Cops said they were called to a downtown hotel room on Feb. 7 at the citizenM Miami Worldcenter, where the 41-year-old Paolo Liuzzo was discovered and pronounced dead at 3:34 p.m.An official cause of death is yet to be released, but Miami cops said his death is being “investigated as an overdose deat
5 hours ago
People
Okla. Man May Face 12-Year Sentence in Turks and Caicos for Traveling with Ammunition: 'Bonehead Mistake'
Tourists Ryan and Valerie Watson were both detained on the island earlier this month after ammunition was found in their carry-on bag at the airport
14 hours ago
Associated Press
Ukraine uses long-range missiles secretly provided by US to hit Russian-held areas, officials say
Ukraine for the first time has begun using long-range ballistic missiles provided secretly by the United States, bombing a Russian military airfield in Crimea last week and Russian forces in another occupied area overnight, American officials said Wednesday. Long sought by Ukrainian leaders, the new missiles give Ukraine nearly double the striking distance — up to 300 kilometers (190 miles) — that it had with the mid-range version of the weapon that it received from the U.S. last October. "We’ve already sent some, we will send more now that we have additional authority and money,” White House national security adviser Jake Sullivan said.
12 hours ago
Hello!
Sydney Sweeney's mini shorts and cropped jacket gives the double denim trend a spring twist
The Euphoria star looked the ultimate bombshell in her double denim look, paired with a black bikini and a bright orange bag. See photos
2 days ago

Latest Stories