Ransomware attack on the Government of Nunavut

Ransomware has struck again and this time the victim is the government of Nunavut. Their communication system was infected with malicious software that encrypted GN servers, workstations and files, rendering them inaccessible. If they have backup and disaster recovery plan they would save thier data from such attacks.

The good news, however, is that GN services remained open and available which shows how serious they were about backups and were fully aware of the ransomware threats.

Backup & DR helped GN to remain open

A new and a very advanced, sophisticated type of ransomware hit the government of Nunavut’s electronic communication system. Fortunately, the essential services were not affected and the GN remained opened, although there may be some delays due to the attack.

Joe Savikataaq, a Nunavut premier stated that Nunavummiut are working non-stop to resolve this issue as quickly as possible and further said that essential services will not be impacted in any way and the GN will continue to operate while this issue is resolved.

Now, how was this possible? 

How were they able to remain operational even after a ransomware attack?

Backup and disaster recovery. They had a proper backup and disaster recovery plan in place which enabled them to continue operations efficiently, without suffering a lot of downtime.

Having said this, they did not remain completely operational. They only managed to remain partially open. So far, electronic data for services related to health, family services, education, justice and finance are down.

If a person wants to visit the QCH or the health clinic, he or she needs to bring their health card and a list of any medication they may take if form of a hard copy, until the services are restored back, which the officials say as a top priority.

The Officials stopped Ransomware from spreading

The attack encrypted individual files on many servers and workstations but the officials were able to stop the malware from spreading and are restoring all the files from the backups.

According to the GN, there was no loss of personal information or any privacy breach and the team was working around the clock to help restore all the files and services as soon as possible. The GN requested patience and corporation from the general public.

 A better DR plan would have boosted the recovery process

There is no doubt that the GN did a formidable job in stopping and containing the malware and are recovering from backups, but it is taking quite a long time to do so. They were able to restore some operations and were partially available but still suffered some inconvenience as their communication system was infected.

All this could have been avoided if they had a reliable and efficient DR backup plan which offers RTOs less than 15 minutes and offers end-to-end encryption which makes it highly resilient to ransomware. StoneFly, for example, offers such disaster recovery solutions in a very cost effective way.

Conclusion

The ransomware attack on the government of Nunavut reminds us how common these attacks have become and how important it is for any organization to setup a backup and disaster recovery plan. It enables organizations to restore workstations and servers and continue operations without suffering any sort of downtime whatsoever.