An Ottawa man convicted on charges related to a ransomware attack affecting hundreds of victims was sentenced to two years behind bars on Friday.
Matthew Philbert, 33, was arrested by the Ontario Provincial Police (OPP) in late 2021 following a lengthy investigation that also involved the RCMP, the FBI and Europol.
Philbert was accused of co-ordinating ransomware attacks on private citizens, businesses and government agencies in Canada, along with "cyber-related offences" in the U.S.
He was charged with fraud, unauthorized use of a computer and possession of device to obtain unauthorized use of a computer system or to commit mischief. He ultimately pleaded guilty to four counts of fraud and fraud-related charges.
The attacks typically began with a "malspam campaign" that sent victims unsolicited emails containing infected attachments, the OPP said at the time of Philbert's arrest.
Once those attachments were opened, perpetrators were able to gain access to the computer to peer through web cameras, steal passwords, make unauthorized banking transactions and deploy malware and ransomware.
One of Philbert's attacks affected 1,133 known victims whose losses totalled $49,200, court heard during his sentencing hearing on Friday.
His defence lawyer sought a conditional sentence of two years less a day to be served outside jail.
But Justice Marlyse Dumel agreed with the Crown that Philbert's crimes warranted two years behind bars.
His theft of $15,000 from one family-run business caused significant disruption for the owners, who thought a staff member may have stolen the money.
Philbert once co-owned a restaurant in Orléans that closed, court also heard.
Details of how Philbert will make restitution to his victims will be discussed in court on March 13.