Ransomware sentence indicative of cross-border cooperation in enforcement of white-collar crimes

/in


A United States court recently sentenced a Canadian citizen to 20 years in prison for his participation in the NetWalker ransomware attacks. The case displays the coordination of law enforcement units across borders in response to the threat of attacks that similarly transcend borders.

Background

Following a request from the U.S. Federal Bureau of Investigation for assistance identifying a Canadian suspect in their investigation into NetWalker, the RCMP arrested Sebastien Vachon-Desjardins, a former Government of Canada employee, in January 2021. After his arrest, the RCMP searched his home and seized 719 bitcoin (worth approximately $35 million at the time of the seizure) and $790,000 cash. He was charged in Canada with mischief in relation to computer data, unauthorized use of a computer, extortion and participating in a criminal organization. In January 2022, he pleaded guilty to three of the four charges, and was sentenced by an Ontario court to seven years in prison. In addition, he was ordered to forfeit the bitcoin, most of his seized computing devices and all of the cash seized by the RCMP, as well as to pay more than $2.6 million in restitution to the businesses affected by the attacks.

Following his Canadian sentencing, Vachon-Desjardins was extradited to the United States, where he was charged with conspiracy to commit computer fraud, conspiracy to commit wire fraud, intentional damage to a protected computer and transmitting a demand in relation to damaging a protected computer. Vachon-Desjardins pleaded guilty to all four charges. On October 4, 2022, a U.S. District Judge in Florida sentenced him to 20 years in prison, and ordered him to forfeit US$21.5 million. Restitution will be ordered by the U.S. court at a later date.

Ransomware attacks

As discussed in a previous post, ransomware is a form of malicious software designed to block access to data or a computer system. Ransomware often encrypts data or programs on information technology systems in an effort to extort ransom payments from victims in exchange for decrypting the information and restoring system access. These types of attacks have increased in frequency, severity and sophistication in recent years —…

Source…