April 14, 2023 at 11:25 am
The town of St Mary’s has revealed the extent of the cyberattack that caused chaos in Perth County communities last year.
A report on the incident indicated that the cyberattack caused $1.3 million in damage, of which $290,000 was paid to the hackers as ransom. The payment came after the town received communications indicating that sensitive data had been transferred without proper authorization in July 2022.
Hackers encrypted several town-related servers and files before IT staff discovered the infiltration. Town staff disconnected all servers to prevent further infiltration.
“Due to the swift actions of IT personnel, the ransomware did not fully encrypt all systems in the town,” the report said. “This action, combined with the strategic decision to migrate the town’s operating environment to the cloud beginning in 2020, means that the town’s critical services, such as fire, police, transport and water/wastewater, have not been affected. From From a public perspective, there was hardly any service disruption other than some online and in-person services being unavailable (i.e. bookings, payments). Internally, employees maintained approximately 80% functionality following the attack.”
The cost of rebuilding the network system was $440,133, and the town spent $860,970 on incident management and investigation and ransom payments.
The town maintained about 80 percent of its function after the attack, the report noted.
The town said it is now taking steps to strengthen its cybersecurity, including regular assessments, policy revisions and staff education. The City Council also approved the hiring of additional human resources to assist with data management and retention processes.