Search This Blog

Powered by Blogger.

Blog Archive

Labels

Showing posts with label QEC. Show all posts

A Nunavut Ransomware Incident Was Not Reported by Qulliq Energy

 


Despite being locked out of its data in January's cyberattack, Qulliq Energy Corp. did not use the word, ransomware to describe what took place. 

A cyberattack that targeted QEC on January 15 was discovered, and QEC announced that it had fallen victim to it the previous month. QEC's information technology, such as the email system, billing, and payroll database, was impacted by the large cyberattack. However, no operating technology, such as the power plants' infrastructure, was affected. 

QEC's vice president of operations and engineering Bill Nippard explained that there are several levels of cyberattacks, and the level of these attacks can vary greatly. Sometimes, they steal data from you, and other times, they simply lock your data out of your computer and encrypt it.   

However, as far as the data is concerned, the team at QEC does not believe there has been any adverse impact on their data from this incident. This is still under investigation as they mentioned. 

During an interview with Nippard about the nature of the attack, he expressed that the investigation was still at an early stage. He was not sure if it was the former or the latter when QEC was cut off from its system and its data was encrypted. 

Nipard mentioned that they have encountered that type of cyberattack in this case, but it is quite early in the investigation stage. Many details need to be sorted out. 

As it turns out, it is very difficult to determine if this is a ransomware attack. This is because if the former had occurred if the former were the case, the GN would have been subjected to a cyberattack for the second time in more than three years. 

GN's entire IT system was hacked in November 2019, which led to a large amount of data breaches. All communities were able to regain core connectivity and applications within the last six weeks after being taken out of service. It was not affected since QEC is not part of the GN's information technology system, so the public utility was spared.  

A government report has reported that the department of community and government services alone had to spend more than $5 million to resolve the problem resulting from the 2019 attack. The recovery process involved replacing more than 1,400 workstations as part of the recovery process. It has been reported by Microsoft that more than 5,500 devices have been affected by the vulnerability. This is the company that was hired by the government to help rebuild the network. 

In light of the detailed information that is available, QEC is unable to comment on the details of the cyberattack, Nippard replied. He was asked directly if the cyberattack was, according to his description, a ransomware attack. 

The process may be similar to a knot that has been tangled very tightly if you understand me. Taking the time and being patient is something that takes a lot of effort. There is likely to be a little bit of time involved in getting to the bottom of this, but it will be well worth it in the long run. 

Nippard said that even though QEC operates independently of the government's IT infrastructure, QEC was informed about the lessons learned from the 2019 attack. 

Upon completion of this investigation, he said, there will be lessons learned, which we will share with the GN once the investigation is completed. However, it must be noted that during those three years, there was a lot of change in cybersecurity, cybercrime, and cyber terrorists. 

Quite a few changes have taken place since then, so it is challenging to keep up. Even though it is a continual struggle, it is not going away. 

The Email System Behaves Oddly. 

An employee of QEC attempted to send an email to an external recipient, and after sending it, Nippard says the issue was discovered during an investigation. During the past few weeks, however, Nunatsiaq News first reported a malfunction with the email system, as per the report. CBC News reported that Nippard's email system began behaving strangely almost as soon as he sent the email, citing that the system denied sending the email. 

There was a point where the employee communicated with the IT team at the company. The IT team began an investigation and shut down the network and the entire system within the company, believing that there had been some kind of cyberattack. 

As a result of the cyberattack, Nippard did not provide any information on whether or not QEC is still locked out because of the incident. Despite that, the interviewer made sure to emphasize several times throughout the interview that there had been no impact on any customer data. 

He said that as soon as QEC and its customers are sure that there is no safety risk, he would not plan to unlock anything until he is 100 percent sure there is no safety risk. 

The power systems continue to operate normally. The company advises all of its customers to continue to keep an eye on their financial card information and their credit card statements. This will enable them to avoid any unforeseen situations.