Cardlock gas stations are back online, but there are empty shelves at member grocery stores
A major Western Canadian company is continuing to be affected by an apparent cyberattack, though it says customer data has not been compromised.
On June 27, Saskatoon-based Federated Co-operatives Ltd. (FCL) said it was experiencing what it called a cybersecurity “incident” that was impacting a range of their operations, including its fuel cardlock system, which supplies fuel to various corporate clients during all hours. That system is now fully back online after service was disrupted for several days.
Specific details about what happened have not been revealed, but FCL said in a statement posted on its social media channels that it did not believe customer data had been compromised by the attack. As of Wednesday morning, FCL’s website remained offline, along with the websites of various member cooperatives.
Natalia Stakhanova, a professor of computer science at the University of Saskatchewan who holds the Canada Research Chair on Security and Privacy, said that from the outside looking in, it is likely that the company is dealing with some sort of ransomware attack. She said these kinds of incidents have been on the rise as of late.
“We’ve been seeing quite a few in the past year and, actually, the numbers have been sort of staggering across Canada and the world,” she said.
A ransomware attack is when hackers find a vulnerability in an organization’s system, then steal valuable information and demand a ransom payment in exchange for what they have stolen. This information can range from communications between high-level managers to customer data.
“It’s actually old-fashioned extortion,” Stakhanova said.
It’s actually old-fashioned extortion
Natalia Stakhanova
Other food industry companies have also been hit by cybersecurity attacks. On July 2, Agropur Dairy Cooperative said it was the victim of an attack that impacted part of its shared online directory, though it did not affect its transaction systems.
Empire Co. Ltd., which owns the Sobeys chain of grocery stores and others, said a cybersecurity attack that happened in November 2022 cost the company $25 million. That attack shuttered pharmacy services and impacted the company’s self-checkout stalls.
As the number of cyberattacks has increased, Stakhanova said changes have been observed in the groups carrying out the attacks. She said hackers who engage in ransomware attacks have started to become more specialized and that there are now groups that target certain types of organizations. But she said not much is known about the people who comprise these groups.
“We don’t know who they are,” she said.
I doubt the company is going to come forward and tell us exactly what happened
Natalia Stakhanova
Since making its first public comments about the cyberattack, FCL said it has been able to get its cardlock gas stations back online, but there are empty shelves at member grocery stores, with signs telling people the lack of supply is due to IT issues.
Stakhanova said these shortages are likely a result of the company having to shut down its system due to the ransomware attack in order to determine how severe the attack may be.
“You sort of have to follow up and see what happened and how much data they have,” she said.
Stakhanova said hackers can gain access to a company’s system via a number of avenues, including being the first to discover a vulnerability. It can also be the result of policies not being followed inside an organization. She said it is unlikely that much will come to light when it comes to the specific details of the incident.
“I doubt the company is going to come forward and tell us exactly what happened,” she said.
Stakhanova said companies that experience ransomware attacks generally hire private companies that can offer them support, including an investigation of the specific incident. She said legislation in Canada is limited when it comes to mandatory public disclosure, but the Office of the Privacy Commissioner may need to be informed in certain cases, depending on the organization and the data that has been compromised.
Stakhanova said it is difficult to put a specific number on the economic impact of such attacks, considering all the areas that come into play, including financial losses as well as reputational damage. But she said there are also a number of instances where companies find it is in their best interests to pay the ransom demand.
“The numbers are very significant,” she said.
The Saskatoon Star Phoenix has created an Afternoon Headlines newsletter that can be delivered daily to your inbox so you are up to date with the most vital news of the day. Click here to subscribe.
With some online platforms blocking access to the journalism upon which you depend, our website is your destination for up-to-the-minute news, so make sure to bookmark thestarphoenix.com and sign up for our newsletters so we can keep you informed. Click here to subscribe.