Prince Edward Island Website Down Due to Crypto Ransomware Attack

The government website for Prince Edward Island just went down due to a ransomware attack that defaced its forward-facing interface for visitors and demanded a smidge above $50 for restoring order.


by
Miguel Gomez,
1 hr ago









×

.modalimagetarget:hover {opacity: 0.7;}

.modalImg {
display: none;
position: fixed;
z-index: 10000;
padding-top: 100px;
left: 0;
top: 0;
width: 100%;
height: 100%;
overflow: auto;
background-color: rgb(0,0,0);
background-color: rgba(0,0,0,0.9);
}

.modalImg .modal-content {
margin: auto;
display: block;
width: 80%;
max-width: 700px;
}

.modalImg .caption {
margin: auto;
display: block;
width: 80%;
max-width: 700px;
text-align: center;
color: #ccc;
padding: 10px 0;
height: 150px;
}

.modalImg .modal-content, .modalImg .caption {
-webkit-animation-name: zoom;
-webkit-animation-duration: 0.6s;
animation-name: zoom;
animation-duration: 0.6s;
}

@-webkit-keyframes zoom {
from {-webkit-transform:scale(0)}
to {-webkit-transform:scale(1)}
}

@keyframes zoom {
from {transform:scale(0)}
to {transform:scale(1)}
}

.modalImg .close {
position: absolute;
top: 15px;
right: 35px;
color: #f1f1f1;
font-size: 40px;
font-weight: bold;
transition: 0.3s;
}

.modalImg .close:hover,
.modalImg .close:focus {
color: #bbb;
text-decoration: none;
cursor: pointer;
}

@media only screen and (max-width: 700px){
.modalImg .modal-content {
width: 100%;
}
}

The website for the government of Prince Edward Island in Canada has gone down for maintenance with a placeholder message saying that it’s “temporarily unavailable.”

The Guardian reports that the government was the victim of a ransomware attack. After the malware hit, visitors to parts of PEI’s government site witnessed a message saying “Oops, your website have [sic] been encrypted!”

The pages also told visitors that one couldn’t simply decrypt the files without a tool provided by the attackers, insisting that they “do not waste [their] time” trying to do this themselves.

The payment demanded by the ransomware’s author was 0.0057 BTC, which is roughly $50 dollars using today’s Bitcoin value.

Analyzing the screenshot that The Guardian provided, it looks like this was just another strain of the WannaCry attack that hit hundreds of thousands of systems around the world in May last year.

The demand was usually higher—around $300 in Bitcoin—but the mechanism was practically the same.

Even the color scheme used was identical. The only major difference between the two was that WannaCry would use the term “computer” while this copycat version replaces it with the word “website.”

Although the popularity of ransomware is on the decline in favor of cryptojacking, companies still stocked up on Bitcoin to pay off hackers since the WannaCry attacks took place, according to Kirill Tatarinov, CEO of Citrix.

Ransomware attacks continued to work their way through corporate and government servers, most of them more or less copycats of the one that ripped through systems worldwide last year.

Most recently, Atlanta’s government was hit with a plague of this type of malware a month ago.

Although ransomware is steadily losing popularity because of the amount of talent required to execute this kind of attack on a large scale, companies should take note of the fact that the threat is still out there and they stand to lose a significant amount of capital if they do not take measures to prevent getting hit.