Canadian Ransomware Arrest Is a Meaningful Flex, Experts Say

U.S. and Canada charge Ottawa man for ransomware attacks, signaling that North America is no cybercriminal haven.

Investigations that ran in parallel over nearly two years by Canadian and U.S. law enforcement have led to this week’s arrest of an Ottawa man, who is alleged to have an extensive track record of ransomware attacks on companies, governments and individuals.

The highly-publicized arrest is a message to North American ransomware operators — law enforcement is on the case.

The U.S. charges are focused on a specific attack on a computer owned by the State of Alaska, but Ontario Provincial Police (OPP) Detective Inspector characterized 31-year-old Matthew Philbert as “the most prolific cybercriminal we’ve identified to date,” in an exclusive interview with Krebs on Security.

Canadian authorities have charged Philbert with fraud, using a computer to commit mischief and unauthorized use of a computer.

Project CODA

The OPP joined with the FBI for a press conference following the arrest, which is part of a joint cybercrime task force called CODA.

“The FBI alongside our international partners, OPP and RCMP (Royal Canadian Mounted Police), will continue to investigate these malicious cyber-actors who continue to target U.S. and Canadian infrastructure,”

Read More: