This summer alone, two Ontario towns paid thousands of dollars in ransom after getting locked out of their own internal servers in a cyberattack.
After trying and failing to unlock their systems on their own, both Midland and Wasaga Beach made the decision to pay the ransom demanded by the hackers. Wasaga Beach handed over an amount totalling $35,000, while Midland did not disclose how much it paid.
Just last week, the town of Midland’s network was illegally accessed and infected with ransomware on Sept. 1. Cybercriminals used malware to encrypt several town systems, rendering them inoperable.
The town told Global News that vital services such as fire, water and waste-management were not impacted. While Midland reported “significant progress” in unlocking the servers on its own, the town’s officials eventually decided to pay the ransom.
“Under the guidance of cybersecurity experts, we have initiated the process to pay the ransom in exchange for the decryption keys,” the release reads. “Although it is not ideal, it is in our best interest to bring the system back online as quickly as possible,” a spokesperson said at the time.
Town officials said they’d purchased an insurance policy for situations such as this, though it’s not clear why it wasn’t effective.
A few months back, a similar scenario played out in Wasaga Beach.
This past July, the town of Wasaga Beach decided to pay $35,000 to cybercriminals after being hacked in April. The hackers demanded 11 bitcoins to be paid in exchange for all the servers to be unlocked. At the time, a Bitcoin was trading at approximately US$9,000 (C$13,000).
Ultimately, after communicating with the cybercriminals, the towns paid three bitcoins for four servers. Based on a report from the city, the staff had determined that by regaining access to those servers, officials could restore town servers to 90 per cent operating capacity.
Daniel Tobok, the founder and owner of the cybersecurity firm, Cypfer, agrees with Sood in saying that it’s “very difficult to bring [cybercriminals to justice]” because of gaps in legislation that make it difficult to prosecute cybercriminals if their crimes take place in countries where they’re not physically located.
“Ransomware is really the weapon of choice for a criminal,” he said. “They can see us but we can’t see them.”
He adds that small towns present a perfect target because of the limited resources they have to protect sometimes-sensitive citizen data, which may force the municipality to pay the ransom to retrieve it or unlock services.
However, if corporations and government institutions choose to combat cybercrime, both Tobok and Sood agree that they need to act now.
“This is real, this is not something out of a movie,” Tobok warns.
READ ENTIRE ARTICLE (videos included)