Canadian Military Contractor Hit By Ransomware

The threat presented by ransomware continues to be evidenced in 2020 after an attack on a major Canadian defence contractor Bird Construction.

The Canadian construction firm that provides service for the Canadian military was apparently attacked by cyberattackers MAZE in December 2019, according to Infosecurity magazine.

Earlier this week cybersecurity firm FireEye warned attackers were attempting to use a recently patched critical Citrix bug to infect organisations with ransomware,

Data theft

Toronto-based Bird apparently had signed 48 contracts worth $406m with Canada’s Department of National Defense between 2006 and 2015, Infosec magazine reported.

And despite the reported theft of 60GB of data, which was said to include personal information on Bird staff, as well as data about a firm that Bird has also worked with on a number of projects, Bird claimed that the attack had no business impact.

“Bird Construction responded to a cyber incident that resulted in the encryption of company files,” it wrote in an email to the Canadian Broadcasting Corporation (CBC). “Bird continued to function with no business impact, and we worked with leading cyber security experts to restore access to the affected files.”

There is no word on whether Bird paid a ransom to the Maze attackers.

But at least one security expert highlighted that the danger of ransomware (other than crippling computer systems) is the risk of data theft.

“The ransomware attack on Bird, a Canadian construction company that services the military and government, highlights the duplicitous nature of ransomware attacks,” said Stuart Reed, VP cyber at Nominet.

“Firstly, there is the disruption to business operation as systems are taken offline and, secondly, there is the data exfiltration,” said Reed. “In this case, Bird should be commended for continuing to function with no business impact but unfortunately it did have data exposed that contained personal employee data and information relating to a partner company, Suncor Energy.”

“Above all, this latest attack demonstrates the complexity of managing the security of supply chains,” said Reed. “While it is important that businesses have a holistic approach to their own security it is also vital that they scrutinise their suppliers to ensure the same standards of security are adhered to.”

“It is also important to maintain a layered approach to cyber, utilising the network, for example, to identify potential threats and data theft as early as possible to be able to put appropriate measures in place to mitigate risk and damage,” Reed concluded.

Do you know all about security? Try our quiz!


Tom Jowitt

Tom Jowitt is a leading British tech freelancer and long standing contributor to Silicon UK. He is also a bit of a Lord of the Rings nut...

Recent Posts

OpenAI, Broadcom In Talks Over Development Of AI Chip – Report

Rebelling against Nividia? OpenAI is again reportedly exploring the possibility of developing its own AI…

2 days ago

Microsoft Outage Impacts Airlines, Media, Banks & Businesses Globally

IT outage causes major disruptions around the world, after Crowdstrike update allegedly triggers Microsoft outages

2 days ago

GenAI Integration Efforts Hampered By Costs, SnapLogic Finds

Hefty investment. SnapLogic research finds UK businesses are setting aside three-quarters of their IT budgets…

3 days ago

Meta Refuses EU Release Of Multimodal Llama AI Model

Mark Zuckerberg firm says European regulatory environment too ‘unpredictable’, so will not release multimodal Llama…

3 days ago

Synchron Announces Brain Interface Chat Powered by OpenAI

Brain implant firm Synchron offers AI-driven emotion and language predictions for users, powered by OpenAI's…

3 days ago