Man Sentenced to 20 Years in Prison For NetWalker Ransomware Attacks

October 07, 2022 - A Canadian man is facing 20 years in prison for his role in a variety of NetWalker ransomware attacks, including attacks against the healthcare sector during the COVID-19 pandemic. Sebastian Vachon-Desjardins, 35, of Gatineau, Quebec, was also ordered to forfeit $21.5 million.

“NetWalker ransomware has targeted dozens of victims all over the world, including companies, municipalities, hospitals, law enforcement, emergency services, school districts, colleges, and universities,” a Department of Justice (DOJ) press release stated.

“Attacks have specifically targeted the healthcare sector during the COVID-19 pandemic, taking advantage of the global crisis to extort victims.”

Previous reports indicate that NetWalker ransomware was behind a ransomware attack on the website of Champaign-Urbana Public Health District in Illinois in March 2020.

By July of the same year, the Federal Bureau of Investigation (FBI) issued a flash alert about the group as they continued to target US and foreign healthcare organizations, private companies, educational institutions, and governments.

For his role in the attacks, Vachon-Desjardins was arrested in Canada and extradited to the United States. Canadian authorities seized $742,840 in Canadian currency and 719 Bitcoin from Vachon-Desjardins’ home.

“The defendant identified and attacked high-value ransomware victims and profited from the chaos caused by encrypting and stealing the victims’ data,” said Assistant Attorney General Kenneth A. Polite, Jr. of the Justice Department’s Criminal Division.

“Today’s sentence demonstrates that ransomware actors will face significant consequences for their crimes and exemplifies the Department’s steadfast commitment to pursuing actors who participate in ransomware schemes.”