Toronto-based Moneris, a technology company jointly owned by the Royal Bank of Canada and the Bank of Montreal, successfully thwarted a ransomware attack by the Medusa gang.
Although listed on a cybercrime group’s data leak site, Moneris’ cybersecurity team managed to prevent access to critical data, and no ransom request was made. While the attempt’s timing remains undisclosed, the company affirmed its commitment to cybersecurity, emphasizing the protection of customer data and prompt actions that averted any impact on Moneris and its clients.
The Medusa gang, responsible for multiple high-profile attacks in 2023, had demanded a $6 million ransom from Moneris, granting nine days to comply. Moneris, the largest payment processor in Canada, operates at over 325,000 merchant locations across the country.
Despite reporting system outages in September, Moneris assured that its dedicated cybersecurity team swiftly responded, ensuring the security of customer data. The Medusa gang operates under a ransomware-as-a-service (RaaS) model, and ransomware groups have increasingly targeted financial system infrastructure, as seen in a recent attack on the Industrial and Commercial Bank of China (ICBC).
ICBC confirmed the attack, revealing that the LockBit ransomware group claimed an undisclosed ransom payment, resulting in disrupted trades in the U.S. Treasury market. The attack left ICBC’s U.S. arm indebted to another bank for over $9 billion, forcing the use of USB sticks and temporary Gmail accounts to conduct business during the incident.
The Moneris success story highlights the ongoing threat of ransomware and the crucial role cybersecurity measures play in safeguarding critical financial infrastructure.