Reportedly, CIRA’s car parking system was infected via a
ransomware and was hacked into to let people park for free.
Canadian Internet Registration Authority is a gigantic
internet domain which has 2.8 million, under its wings with a .ca
domain.
The yet anonymous cyber-cons compromised CIRA’s car parking
system, aiding people to park without getting their parking passes scanned.
Allegedly, some other company manages the car parking under
CIRA.
Initially the cause which was thought to be a power failure
or mechanical system crash, turned out to be a ransomware attack.
The database which was used by the car parking system for
management was specifically compromised.
That very database also holds tens and tens of employee
credit cards which if in wrong hands could wreak serious havoc.
After further analysis it was discovered that the ransomware
in question could possibly be “Darma”.
This ransomware goes about infecting computers by way of RDP
connections restricting to system that run on RDP (
These cyber-cons target the RDP protocol which runs on 3389.
After performing a brute force attack they tried to harvest administrative credentials.
Later on an attempt at performing malicious activities on
the system as made.
The silver lining happens to be that the stored card details
would reclaim all the damage done by the free parking.
According to CIRA’s security survey, 37% of businesses don’t
employ anti-malware protections.
CIRA also cited that they have no way whatsoever of knowing
what sort of security measures are employed by the car parking in question.
