A cybersecurity expert says an attack like the one this week in the City of Saint John could potentially happen anywhere.
Scott Beck of BeckTek says this isn’t the first Canadian municipality that was hit and it won’t be the last, “Likely, the bad guys were in on the network, living there, looking around and stealing whatever data they need before they actually launched the ransomware attack. There was a good chance the information was compromised before the attack occurred.”
Beck says the number of people working from home makes internet security even more complicated, “They may have to go through an audit for every computer system that is connected to their network to find out where patient zero was, so they can try to remediate this. They can’t turn things back on until it is totally eradicated.”
He says these types of things are sometimes hard to detect, depending on the set up you have on you systems, “Talk with your IT department or even an external auditor. Find out, what you have to monitor that will tell you that you have a problem and have to have that plan to be able to react quickly. The common attack vector that the criminals are using, from what we are aware of is a very sophisticated one.”
On Monday, Saint John City officials received a ransom demand from the hackers. They have not ruled out paying the ransom, after the significant cyberattack against the municipality.
Mayor Don Darling and City Manager John Collin held a news conference Tuesday to provide more details.
Darling told reporters they first learned about the attack late Friday when routine monitoring discovered “unusual activity.”
“IT staff determined it was a ransomware virus,” said Darling. “The city immediately took steps to minimize the impact and protect our systems, notified police and engaged a firm that specializes in cybersecurity.”
Ransomware is a type of malicious software that infects your device and holds your files and data for ransom, according to the Canadian Centre for Cyber Security. The cybercriminals will demand payment in the form of untraceable digital currency, such as bitcoin.
It is described as “one of the most common forms of cybercrime” which targets individuals and companies, big and small.
