US-Canada water org confirms 'cybersecurity incident' after ransomware crew threatens leak

Trending 1 week ago

The International Joint Commission, a assemblage that manages h2o authorities on nan US-Canada border, has confirmed its IT information was targeted, aft a ransomware pack claimed it stole 80GB of information from nan organization.

"The International Joint Commission has knowledgeable a cybersecurity incident, and we are moving pinch applicable organizations to analyse and resoluteness nan situation," a spokesperson for nan org told The Register.

The spokesperson declined to reply circumstantial questions astir what happened, aliases corroborate nan miscreants' information theft claims.

IJC is simply a cross-border h2o committee tasked pinch approving projects that impact h2o levels of nan hundreds of lakes and rivers on nan US-Canada border. It besides resolves disputes complete waters shared betwixt nan 2 countries. 

On September 7, nan NoEscape ransomware unit listed IJC arsenic a unfortunate connected its dark-web site, and claimed it breached nan commission's network, and past stole and encrypted a flood of confidential data. This info, according to nan crooks, included contracts and ineligible documents, individual specifications belonging to labor and members, financial and security information, geological files, and "much different confidential and delicate information."

The cyber-crime pack has fixed nan IJC 10 days to respond to its ransom demand, aliases it whitethorn make nan swiped info public. 

"If guidance continues to stay silent and does not return nan measurement to discuss pinch us, each information will beryllium published," nan NoEscape leak announcement threatened. "We person much than 50,000 confidential files, and if they go public, a caller activity of problems will beryllium colossal. For now, we will not disclose this information aliases run pinch it, but if you proceed to dishonesty further, you cognize what awaits you."

  • Caesars says cyber-crooks stole customer information arsenic MGM casino outage drags on
  • Save nan Children deed by ransomware, 7TB stolen
  • Airbus suffers information leak turbulence to cybercrooks' delight
  • Ransomware onslaught hits Sri Lanka government, causing information loss

The IJC spokesperson contacted by The Register declined to remark connected nan ransom request aliases if nan committee would pay.

Who is NoEscape?

NoEscape is simply a ransomware-as-a-service cognition that appeared successful May and takes a double-extortion approach. That intends alternatively of simply infecting victims' machines pinch malware, encrypting their files and demanding a ransom to merchandise nan data, nan crooks first bargain nan files earlier locking them up. They frighten to leak nan information, arsenic good arsenic withhold nan decryption keys, if nan victims don't salary nan ransom.

NoEscape operators do not target organizations based successful nan erstwhile Soviet Union. This is simply a akin MO to different ransomware groups, specified arsenic nan now-defunct Conti and Black Basta, which besides debar infecting Russian companies and authorities agencies.

The pack is believed to beryllium a rebrand of Avaddon – different ransomware unit that unopen down and released its decryption keys successful 2021, according to Bleeping Computer.

During its little criminal tenure to date, NoEscape has extorted nan University of Hawaii, which reportedly paid nan ransom; Italian method consultancy Kreacta; Lithuania's Republican Vilnius Psychiatric Hospital; and Taiwanese physics connector manufacturing institution Avertronics, among others. ®