On September 1, 2018, a crisis knocked on the doors of Midland, a small town province in Ontario, Canada. The town council's computer systems were hacked and encrypted by ransomware. They decided to give in to the demands of the hackers and pay the bitcoin ransom in exchange for decryption keys. Even though this doesn't seem like an ideal move, the town, with a population of 16,000 residents, was keen on getting things back on track. Since the town had insured itself against cyber attacks, they were in a position to pay the ransom without much difficulty. Although they were in a position to do so, paying to decrypt ransomware is not advised because there's no guarantee that the hackers actually provide the decryption keys.
The attack immobilized various city services, which prevented permits from being issued for businesses, transit passes for buses from being sold or reloaded, and marriage applications from being processed. However, vital services such as the fire, water, and waste management departments were not affected. Under the guidance of a cybersecurity team, the town has initiated the process of paying an undisclosed ransom amount in bitcoins in order to get the decryption keys.
As soon as the attack was identified, Midland town authorities reported the incident to law enforcement as well as the Information and Privacy Commissioner of Ontario. So far, the security experts have obtained no proof to confirm whether any sensitive information was accessed from the systems. Under the guidance of the cybersecurity team counceling them, the town is implementing stringent security measures to prevent such incidents in the future.
Don't want to make the news for the wrong reasons? Download ManageEngine DataSecurity Plus, a tool that can detect, classify , and secure personal data , and mitigate ransomware attacks.
The town was in the process of upgrading its security systems when the incident occurred. In spite of having an IT security system in place, the attack couldn't be averted. Here are some best practices that can be followed for a secure upgrade:
Rather than leaving yourself with no option other than yielding to the demands of hackers, your best option is to arm yourself against such threats before disaster strikes. We recommend using ManageEngine DataSecurity Plus, which automatically identifies and mitigates ransomware threats.
Without any manual intervention from you, the tool immediately:
Subscribe to our digest to get your weekly dose of cyber security updates straight to your inbox.
You will receive weekly cybersecurity news soon!
© 2019 Zoho Corporation Pvt. Ltd. All rights reserved.