It has been confirmed that the town is the victim of a successful cyber attack, leaving their internal computers on lockdown.
The town of Wasaga Beach was hit with a ransomware attack that has left town employees locked out of their internal municipal computer systems. This attack was confirmed to have taken place in a statement made to the press on Friday, May 4th, with the incident having taken place the previous Sunday. George Vadeboncoeur, Wasaga Beach C.A.O, has said that at that time there had been communication with the hackers responsible and that steps were being taken to rectify the situation as quickly as possible.
Some of these steps included getting in touch with the OPP, RCMP, an IT consulting firm, and the County of Simcoe in order to decide on the best course of action to not only resolve the situation but to keep hackers from compromising as much data as possible.
Vadeboncoeur also stated that they believed the hackers had no interest in the data that was being held hostage – all the hackers wanted was the payout that had been requested. In the days that followed, the decision was made to pay the ransom, and get back to business as usual. The municipality has told residents that they don’t believe any data was compromised or stolen, but that anyone with concerns should keep an eye on their bank accounts for any signs of irregular activity as a precaution.
Ransomware Doesn’t Discriminate Between Targets
It cannot be overstated – ransomware doesn’t care who you are. When the only goal is squeezing money out of a target, any target at all will do for these hackers. The municipal government has both of the qualifications that make their operations an ideal victim in this scenario; public data that needs to be carefully guarded and access to enough funds to result in a decent payday for a hacker’s efforts.
Despite the fact that attacks like this happen each and every day around the globe, an alarming number of organizations still haven’t taken the needed precautions to keep cybercriminals out of their systems. This “It could never happen to me” mindset needs to end today. As long as there are bad guys out there doing what it is they do best, no one is safe from these risks.
What Would Your Municipality Do In The Face Of Ransomware?
Wasaga Beach made the decision to pay the ransom in order to regain control of their systems. It’s the belief of the cybersecurity industry as a whole that this is not the course of action you should take unless it’s an absolute last resort. Paying off a hacker doesn’t guarantee that the crisis is over. Any number of things can continue to go wrong after a payout:
It should go without saying that trusting a criminal to hold up their end of a bargain is risky at best. Cooperating with them only makes it easier for hackers to do whatever they want to you and your data. The best course of action is to have the necessary precautions in place before an attack happens, putting you in control of the situation and taking the power away from your attackers.
Something as simple as having secure and up-to-date data backups stored in an offsite location grants you the ability to simply wipe your systems clean, kicking the hackers out of your network and allowing you to restore your data and applications and carry on as usual – now on high alert for anything suspicious that would indicate that a second attempt to gain access is being made.
However, having backups to restore from isn’t enough. Wiping your systems and starting over should be your organization’s last resort. The public relies on the services your office provides and going without your computers for the span of time needed to completely clear any trace of infection from your infrastructure and reload all your information, programs, and settings is time the public is without your assistance. Also, having to admit to the public that you allowed their information to be accessed by unknown users isn’t going to leave them feeling terribly confident in your staff or your organization.
The best way to fight ransomware is to make sure it can’t successfully target you at all by working with IT professionals who can actively monitor and maintain your cybersecurity measures to keep hackers out of your network, and away from the public data you’re expected to keep safe.