Cyber Incident Victim: Government of Nunavut

On November 2, 2019, the Government of Nunavut experienced a significant ransomware attack that disrupted its electronic communications network. The malware infection targeted public services, encrypting data and demanding payment—typically in cryptocurrency—to restore access. Premier Joe Savikataaq confirmed the incident originated earlier that day, characterizing it as a deliberate virus attack on the GN’s internet infrastructure. Ransomware, the specific type of malware used, operates by blocking system access until its demands are met. This attack immediately impaired government operations, preventing employees from accessing email accounts or online files. Residents across Nunavut also faced disruptions, encountering difficulties or complete inability to access essential public services dependent on the compromised network. By November 3, the Department of Executive and Intergovernmental Affairs website remained functional, indicating partial recovery efforts, but broader network functionality remained severely limited.

The attack underscored the GN’s vulnerability to cyber threats amid its reported exposure to 4,000–5,000 weekly cyber intrusion attempts. Ransomware typically spreads through malicious email attachments or drive-by downloads from compromised websites, though the precise infection vector in this incident was not publicly disclosed. The GN’s response focused on managing operational fallout while avoiding public commentary on whether a ransom was paid. The RCMP emphasized that paying ransoms funds criminal enterprises, reflecting broader law enforcement guidance. Cybersecurity experts noted a rising trend in ransomware incidents across Canada, with many attacks going unreported due to reputational concerns or unresolved negotiations. The incident highlighted critical dependencies on digital infrastructure in Nunavut’s public service delivery and the persistent risks posed by increasingly sophisticated cyber threats.