City believes personal data is safe during Hamilton cyberattack. Experts say that's unusual - Action News
Home WebMail Tuesday, November 26, 2024, 07:53 AM | Calgary | -17.5°C | Regions Advertise Login | Our platform is in maintenance mode. Some URLs may not be available. |
Hamilton

City believes personal data is safe during Hamilton cyberattack. Experts say that's unusual

Hamilton officials said they believe the ransomware attack didn't compromise personal information. But cybersecurity experts say in attacks like these, its rare for that sort of data to be spared.

'Thats nice to believe ... but I don't think it's very likely': hacker

City of Hamilton
The inside of City Hall in Hamilton was quiet in the early days of the cyberattack. (Bobby Hristova/CBC)

In the two weeks since a ransomware attack against the City of Hamilton downed multiple city services, officials have maintained they believe no personal information has beencompromised.

"That's nice to believe and I like to think that unicorns still exist somewhere in the world, but I don't think it's very likely," hacker and cyber expert Jayson E. Street told CBC Radio's Day 6 this past week, reflecting on the case.

Local officials have been tight-lipped about the hack, saying the sensitive nature requires discretion. But cybersecurity experts tell CBC that generally, it's rare for personal information to be spared in an attack like this.

Streetsaid that often, criminals will not only steal and ransom data, but copy it and extort targets by threatening to release it publicly. Streetgets hired to test companies' defences by trying to hack through them using methods such as fake websites, or deceiving workers to gain physical access to computers and restricted areas.

He says cities' systems have too many access points to count, and hackers can exploit all of those.

The city hasn't shared how ransomware got into its system, but that sort of software generally works by blocking a user from accessing their system or data until they pay a sum of money. According to the Canadian Centre for Cyber Security, it's likely the most disruptive form of cyber crime and can take out entire systems.

Calvin Chrustie, a risk consultant and former RCMP senior operations officer, previously told CBC Hamilton that the city "would be considered extremely fortunate if they [the attackers] didn't have access to some personal data in a situation like this."

CBC Hamilton asked officials if they still believe personal information to be safe, how confident they are and why. A Hamilton spokesperson did not respond by deadline.

Hamilton, Ontario, confirmed this week it was hit by a ransomware attack that took many of its services off-line and shut down city council meetings. Jayson E. Street, a hacker who gets hired to test companies' defenses by trying to hack through them, says cities are extraordinarily vulnerable right now, but that there are ways to keep themselves safe and everyone's data secure.

Cyber attack started over two weeks ago

On Feb. 25, the cyberattack shut down most city phone lines, paused council and committees meetings are set to restart March 27 and disrupted services including the library, bus schedule app and payment processing.

City manager Marnie Cluckie has said it's "impossible to know" how long it will take to get operations back.

In an email Monday, a city spokesperson told CBC Hamilton the municipality is delayed in processing approximately $36 million in pre-authorized property tax payments, "until such time as services are restored."

How ransomware attacks work and their sweeping impacts

7 months ago
Duration 2:37
McMaster University Prof. Andrea Zeffiro, who focuses on critical data studies, says vulnerable communities are more likely to be impacted by the attack that's suspended Hamilton services for over a week.

On Tuesday, Mario Posteraro, president of OPSEU Local 256 which represents over 450 paramedics, was one of several union leaders who shared ways in which the attack is affecting their members.

He said some workers haven't been able to get paid for overtime work andhave concerns about whethertheir personal information has been breached.

As an employer and through its programs, the city collects a wide range ofinformation,from worker banking datato addresses of families who use services like recreation centres and housing support.

Municipalities are appealing targets for criminals

Hamilton is far from the only municipality dealing with cyber threats. Huntsville isdealing with an attackwhich began on Monday and the Toronto Public Library recently recovered from an attack after four months.

Last week, Kush Sharma, a director at Municipal Information Systems Association Ontario, told CBC Hamilton that municipalities house critical systems such as water and transportation, and that attackers want targets where they can shut down services or steal personal information they can use as leverage for payment.

Municipal breaches are not tracked by one body, Sharma said, but based on a survey his organization conducted in 2023, municipalities that faced significant breaches took up to a month to recover critical systems and faced ransom demands ranging from less than $50,000 to over $1 million.

Street told Day 6 that preventing attacks involves making workers more aware of threats, because employees are often the first line of a system's defence.

"We don't assume risk sometimes. When we feel like we're in a safe area we forget that there's going to be danger," he said.

You can't foolproof a system, he said, but dividing systems to limit access to personal and private data helps.

"Even if they break into the rest of the castle and they sack the castle and they get all the employee emails and they get all the transactions and bring down the web server they still didn't have access to the crown jewels."

With files from CBC Radio, Samantha Beattie, Bobby Hristova