Cyberattack cost local town $1.3M, including $290k in Bitcoin ransom


A cyberattack on the Town of St. Marys that encrypted municipal systems and stole sensitive data cost the local government roughly $1.3 million, including a $290,000 Bitcoin ransom payment made to the hackers, officials have revealed.


Two days after the town’s computer systems were crippled in the July 20, 2022, ransomware attack, St. Marys cybersecurity experts received a ransom demand from LockBit, a hacker group that claimed to have extracted encrypted sensitive data from municipal servers. The group’s claims were credible enough to warrant serious concern about the privacy breach if the data was released on the Dark Web, an area of the internet where users can access unindexed content anonymously through special browsers.

The town hired a third-party negotiator to arrange a ransom payment, ultimately sending $290,000 in Bitcoin to the hackers in exchange for keys to the computer systems that had been encrypted during the ransomware attack and a promise to destroy all of the stolen information.


As of Dec. 31, 2022, Deloitte, the cybersecurity consultants hired by St. Marys in the wake of the attack, had confirmed, through monitoring hacker chatter, that the town’s sensitive data had not been released to the public or on the Dark Web.

“Residents can rest assured that the data is secure and we’re doing the best we can,” St. Marys Mayor Al Strathdee said.

The town’s IT staff actually discovered the cyberattack during a routine systems backup, prompting them to immediately disconnect all of the municipal services, which prevented the ransomware from doing further damage.


That early discovery, coupled with a strategic decision in 2020 to begin migrating the town’s operating environment to the cloud, meant critical municipal systems like police and transit were not compromised, officials said. There was little disruption to St. Marys’ public-facing services, with the exception of some online bookings and payments.

Internally, the staff report revealed, staff maintained 80 per cent functionality after the attack.

“We were working toward better security. We were aware of the environment. We were aware of the issues, but I’m not so sure that, without a huge amount of money spent, we could have prevented what happened,” Strathdee told the Beacon Herald.

Immediately after identifying the attack, the town triggered its emergency response plan. The law firm, Siskinds LLP, was hired to direct the incident response and help navigate the complexities of data security while Deloitte LLP was retained as the technical lead and forensic auditor. Deloitte also led the investigation into the attack, helping determine its nature and extent.


Deloitte investigators determined the cyberattack to be contained by July 28, 2022, and, in August, began work on designing and rebuilding a new IT network for the town. After completing that work in November, the consultants continued monitoring town services until December.

“I think we’re in a better place now,” Strathdee said of the network rebuild, which alone cost the town more than $440,000.

Prior to the St. Marys incident, Elgin County had fallen victim to a cyberattack that knocked out its website and email system for more than a month and compromised the personal and, in some cases, highly sensitive information of more than 300 employees, long-term care residents and former care residents.

In 2019, a crippling cyberattack on Stratford’s computer systems led the city to pay a ransom of more than $75,000 in Bitcoin while a similar attack the same year against the City of Woodstock cost more than $1 million to restore services without paying the ransom.


