Friday, April 26, 2024
  • Keith Walking Floor - Leaderboard - Sept 2021
  • Procore Leaderboard 2024
  • IAPMO R&T Lab - Leaderboard
  • Premier Leaderboard - updated Nov 19
  • Revizto - Leaderboard - March and April
  • Dentec - Leaderboard - 2023 - Updated
  • CWRE 2024 - Leaderboard
ransomeware
January 28, 2020

Ontario construction firm victim of ransomware attack

A multi-million dollar Ontario construction firm that has worked on major federal and provincial projects including facilities for national defence and police stations has been hit by a ransomware attack.

According to CBC News, Bird Construction of Mississauga, Ont., acknowledged that it was recently victimized, but didn’t give any details.

“Bird Construction responded to a cyber incident that resulted in the encryption of company files,” the CBC quoted an unnamed company spokesperson as saying. “Bird continued to function with no business impact, and we worked with leading cybersecurity experts to restore access to the affected files.”

IT World Canada has been trying unsuccessfully to get hold of the company.

Brett Callow,  a British Columbia-based security analyst with the anti-virus software firm Emsisoft, told IT World Canada that in December the group behind the Maze ransomware posted a note on its site that it had infected the construction company’s systems. The Maze group includes data theft among its strategies, using the threat of releasing some data to pressure victims into paying up. That December note was one of a list of companies Maze said hadn’t co-operated, so their data might be released.

It isn’t clear from the company’s statement if it paid a ransom. But Callow saidthat for a brief period of time the employee records of a few Bird Construction employees — including their social insurance numbers — were posted on the Maze site. In addition, a document from Calgary-based Suncor Energy that didn’t have personally identifiable information was briefly published by Maze.

“It’s not at all unlikely that the actors are still in possession of the data,” Callow said in an email. “Even if Bird paid the ransom, it seems likely that the criminals would retain the data as they are able to use or monetize at a later date.”

Callow added he has major concerns around the exfiltration and blackmail tactics that are being deployed.

Keep reading in IT World Canada

Share YOUR news on this network

Deadline for this week in Friday at noon

Contact us to find out how

Find more news here

Find events calendar here

Find media kit here

LinkedIn
Submit YOUR Content
  • IAPMO R&T
  • Dentec Winter Catalog Box
  • RAIC Vancouver Conference 2024
  • Premier - Box
  • UAV Expo 2024 - Box
  • Metcalcon 2024
  • Groundbreak 2024 - Box
  • Build Innovation 2024 - Box ad
  • Chicago Build 2024 - Box
  • Procore Box 2024
  • Keith Walking Floor - Box - Sept 2021
  • Sydney Build 2024 - Box
  • CWRE 2024 - Box
  • Dentec - Sqwincher Cold Stress - Button
  • Dentec - ICETRED - Button
  • IAPMO - Button
  • Skyscraper - Premier - July 12
  • Keith Walking Floor - Skyscraper - Sept 2021
  • Dentec - Skyscraper - Jan 2023
  • Procore skyscraper 2024