Cadena SER released a statement on their webpage confirming the ransomware attack, noting that it had a significant and widespread impact on their systems. Although in-depth details regarding the attack were not provided, the message from the company said their technicians were working to recover the local programming of each of their stations, indicating that broadcasts — at least at the local level — were affected. The station also disconnected its computers from the internet as part of its security protocol.
Government services in Nunavut also affected by ransomware
Even the remote Canadian region of Nunavut was not spared from ransomware. In a news release published on the Nunavut government’s website, the still-unknown ransomware variant used in the attack managed to encrypt individual files on various servers and workstations, resulting in disruption to government services that require access to electronic information stored on the network.
While these services are still open, the Nunavut government said that delays are to be anticipated. Furthermore, the government is also working on restoring data using existing back-ups.
Defending against ransomware attacks
Ransomware has been on the rise once again — according to Trend Micro’s 2019 midyear security roundup, ransomware detections in the first half of the year were up 77% compared to the latter half of 2018. Additionally, threat actors are expanding their scope of operations, not just targeting individuals and businesses but seeking new victims as well — notably local governments that lack comprehensive security systems in place.
It is highly recommended that organizations across all sectors implement the following best practices to prevent ransomware from affecting their systems:
Organizations can also look into sourcing third-party incident response teams for their security needs. Trend Micro™ Managed XDR is one such service, offering a wider scope of visibility and expert security analytics by integrating detection and response functions across networks, endpoints, emails, servers, and cloud workloads. Using advanced analytics and artificial intelligence (AI) techniques, the MDR team monitors the organization’s IT infrastructure 24/7 to correlate and prioritize alerts according to its level of severity. Organizations can have access to experienced cybersecurity professionals who can expertly perform a root cause analysis to get an understanding of how attacks are initiated, how far they spread in the network, and what remediation steps need to be taken.