Ottawa man charged in international cybersecurity attacks

·2 min read
Matthew Philbert, 31, was charged Tuesday in connection with a number of ransomware and other cybersecurity attacks following a 23-month investigation involving the Ontario Provincial Police, the RCMP, the FBI and Europol. (Trevor Brine/CBC - image credit)
Matthew Philbert, 31, was charged Tuesday in connection with a number of ransomware and other cybersecurity attacks following a 23-month investigation involving the Ontario Provincial Police, the RCMP, the FBI and Europol. (Trevor Brine/CBC - image credit)

An Ottawa man is facing charges in both Canada and the U.S. in connection with a number of ransomware and other cybersecurity attacks.

Ontario Provincial Police announced Tuesday 31-year-old Matthew Philbert had been charged following a 23-month investigation that also involved the RCMP, the FBI and Europol.

Philbert is accused of co-ordinating ransomware attacks on individuals, businesses and government agencies in Canada, along with "cyber-related offences" in the U.S., OPP said in a news release.

He has been charged with fraud, unauthorized use of a computer and possession of device to obtain unauthorized use of a computer system or to commit mischief.

Police also seized desktop and laptop computers, hard drives, cellphones, blank cards with magnetic stripes and a Bitcoin "seed phrase" — a list of words that essentially serves as a master password for a cryptocurrency wallet.

Philbert is being held in custody pending a future court date, OPP said.

Accused also indicted in the U.S.

Philbert was also indicted in the state of Alaska and charged with a pair of computer-related fraud and conspiracy charges, according to a statement from the U.S. Attorney's Office for the District of Alaska.

Philbert allegedly "conspired with others known and unknown to the United States to damage computers," including one in Alaska in April 2018, the statement said.

While the charges were only announced Tuesday, Philbert was arrested by the OPP on Nov. 30, the attorney's office said.

The attacks typically began with a "malspam campaign" that sent victims unsolicited emails containing infected attachments, said OPP Det. Insp. Matt Watson at a Tuesday media conference.

If those attachments were opened, the suspects could get access to the computer and do things like peer through web cameras, steal passwords, make unauthorized banking transactions and deploy malware and ransomware.

CBC / Radio-Canada
CBC / Radio-Canada

Cyberattacks on the rise

OPP did not identify any specific victims, with Watson saying he didn't "want to compromise future court proceedings."

Several Ottawa-area agencies, however, have been hit by cyberattacks in recent months.

Targets have included the hospital in Kemptville, Ont., the municipal government in Clarence-Rockland, Ont., and the transit system in Gatineau, Que.

Experts have noted that ransomware and other cyberattacks have shot up in recent years, particularly during the COVID-19 pandemic as more people work from home and more business is conducted online.

The OPP said Tuesday that reports involving cybercrime had risen by 140 per cent since 2019.

The "geographically agnostic" nature of cybercrime means police agencies have to pool resources, as they did in the Philbert case, to get results, said Brian Abellera, the FBI's assistant legal attaché in Ottawa.

"Cybercriminals are exploiting us at the seams and targeting U.S. and Canadian critical infrastructure, businesses and victims with increasing sophistication speed and frequency," he said.

"A single law enforcement agency alone cannot defend against this threat."

Our goal is to create a safe and engaging place for users to connect over interests and passions. In order to improve our community experience, we are temporarily suspending article commenting