As we’ve been writing about for much of this past year, hackers have hit dozens of municipalities in the U.S. so far; demanding ransom from various municipal departments, schools and even police departments – how brazen is that?!? A recent article in The Star about a week ago showed us that, although the U.S. attacks are getting most of the press, Canadian municipalities are not immune to being hit themselves, with ransomware victims including a multitude of locations including Stratford, Wasaga Beach and, more recently, Toronto!
It was revealed last month by Toronto’s auditor general report that two of the city’s entities / departments were reportedly attacked by ransomware, compromising their systems. Unfortunately, because protocols were not put in place, for both situations, the incidents were NOT communicated to the city’s CIO. This has set off alarm bells at city hall and has triggered recommendations for stronger safeguards as it has exposed the vulnerabilities that Toronto’s systems have to hacker attacks.
Thankfully, the city’s main digital backbone was not compromised, but the attacks have spurred audit committee members to urge the acceleration of the development of notification protocols and steps to improve existing safeguards. As a result, the city will create a new CISO position to oversee Toronto’s defences to attacks, and will include bolstering in-house security infrastructure and hiring private-sector experts to provide MSP services. This is all well and good and is a positive sign that municipalities are starting to heed the warnings and are taking steps to protect themselves from what is seemingly an almost inevitable occurrence for potentially all cities.
The whole ransomware epidemic has been rapidly evolving over time and we believe it will go beyond just the US and Canada. Our continued advice to all municipalities is to “get prepared”. Hackers are now focused on municipalities, locking up their systems and causing more damage for a lot more people, because this often includes taking down essential municipal services. As a result, the desirability to just pay the ransom, in order to get services back as soon as possible, is very appealing to many of these municipal victims, despite more than 225 U.S. mayors recently signing a resolution not to pay ransoms to hackers. The jury is still out on whether this resolution will hold because the potential costs for not paying has been seen to be very steep. For example, Baltimore refused hacker’s demands for $75K worth of bitcoin and now faces remediation costs of more than $18MM in order to get their systems back on line and to repair damages done.
At Wedge, we’ve kept track of how the ransomware epidemic has evolved and progressed to where it is now and we consistently encourage Detection and Blocking as a solution to this epidemic. We applaud the municipalities that are taking a proactive approach to protecting themselves; following the suggested advice of providing staff training for identifying potential phishing emails as well as what to do in the event of an attack, keeping full ‘out-of-band’ backups, continual assessment of weak points, updating and patching systems, and looking to network security solutions that provide real-time protection and remediation.
At the same time, we continue to stress that real-time protection is a key part of the solution. If municipalities can PREVENT an attack before it happens, they will be able to save themselves the headaches of having to go through the whole remediation process. Wedge’s Advanced Malware Blocker, with its Deep Content Inspection and orchestrated threat management of industry-best-of-breed malware heuristics and artificial intelligence can detect and block ransomware and other malware in real-time! In the ever-evolving ransomware epidemic, prevention has always been the one constant that can actually save an organization time and resources. So, for our Canadian municipalities who are continuing their battle against ransomware, feel free to try WedgeAMB for FREE on a 90 day trial or contact our team at: firstname.lastname@example.org to learn more.