Canadian police have detained an Ottawa resident for his alleged role in orchestrating ransomware attacks against private companies and government agencies in Canada and the US since 2018.
Matthew Philbert, 31, of Ottawa, was detained last week, on November 30, as part of Operation CODA. He was formally charged today in both Canada and the US.
According to a press conference today, Philbert is believed to have worked with an international cybercrime group to infect organizations with malware via phishing emails.
The malware allowed Philbert and his co-conspirators to access the infected systems and deploy ransomware.
While officials didn’t share any of the victims’ names, the US Department of Justice did mention that one of Philbert’s victims was “a computer belonging to the State of Alaska in April 2018,” which coincides with a highly-mediatized ransomware attack that hit the Alaska court system at the same time and crippled its operations for weeks.
The Ontario Provincial Police, which led the Canadian investigation, said it learned of the suspect after being contacted by the FBI’s Anchorage bureau in January 2020, which currently strongly suggests that Philbert might have been involved in the aforementioned attack.
“Today’s unsealed indictment is a great example of the importance of international partnerships to combat the evolving and growing threat of cybercrimes,” said Bryan Wilson, Acting US Attorney for the District of Alaska, in a DOJ press release.
“Cybercriminals are a dangerous threat and together with our law enforcement partners, we will use all our available resources to bring cybercriminals who target Alaskans to justice, wherever they are.”
The post Canadian police arrest Ottawa resident for ransomware attacks appeared first on The Record by Recorded Future.