The Town of Midland Ontario has not had full access to its computer system since Sept. 1, including during a 48-hour period in which all computers connected to the municipal network were unusable. They plan to pay off a hacker who was able to lock down the town’s computer system.
At issue is a ransomware scam, in which a computer system is taken over remotely. It typically happens when a user unknowingly opens a malicious email attachment.
“We had some very large players come in and take advantage of Midland,” Mayor Gord McKay said.
Ransomware attacks have become a fast-growing business for hackers. A recent report from U.S. cybersecurity firm RiskIQ found that around the world, one organization falls victim to a ransomware scam approximately every 40 seconds, at an average cost to the organization of more than $15,000.
The attacks are also considered relatively easy to launch, with instructions and do-it-yourself kits available via the dark web.
“Even people with low technical skill can get into this racket,” Claudiu Popa, a Toronto-based cybersecurity expert, told CTV News.
The town’s financial processing system was significantly affected by the hack. A sign posted at the Town Hall building informed residents that the town could not accept payments via debit or credit cards.
According to McKay, there are no indications that personal data of Midland residents was accessed improperly.“As far as we know, there’s been no information revealed,” the mayor said.
The hacker demanded an undisclosed number of Bitcoins as payment for releasing their grip on the town’s computers. Negotiations are ongoing, and town officials declined to comment on the exact payment amounts being discussed.
Also unclear is exactly who was behind the hack or how much dealing with it cost the town. The direct cost of paying off the hacker will be covered by the town’s insurance company.
The nearby town of Wasaga Beach, Ont., was hit by a similar attack this spring. Government data was inaccessible for several weeks as the town negotiated the ransom demand down from the Bitcoin equivalent of $144,000 to about $35,000 worth of the cryptocurrency. The town pegged the overall cost of the attack at more than $250,000.
Midland moved to secure an insurance policy against ransomware attacks after learning of what had happened in Wasaga Beach. Other measures the town took included an upgrade to its firewall system, which was nearly complete when the attack hit earlier this month.
The municipal computer system has slowly been returning to normal this week as negotiations with the hacker have continued. Officials hope the system will be fully restored within the next few days and are planning cybersecurity upgrades to make repeat attacks more difficult.
Ultimately, though, there is no security measure which will make any town’s network completely invulnerable to ransomware attacks – something which has officials in Midland describing a second attack as “a matter of when, not if.”
With reports from CTV’s John Vennavally-Rao and CTV Barrie’s Mike Arsalides
Armor Coded’s Datto devices have Ransomware detection built in!