Stratford City Hall is said to have paid $75,000 as a ransom to a hacker who compromised their computer system with a ransomware. According to Carmi Levy, cybersecurity analyst, there was a major gap in their security strategy giving a chance for the hacker to take advantage.
Just as many other cases, the hacker requested for a ransom of 10 bitcoins, of which the Stratford City Hall authorities agreed to pay upon the agreement with their insurer. This has made them one of the many victims of cyberattacks in 2019. A ransomware attack usually denies access to the main system or data.
Image Source: www.thestatesman.com
According to reports, the Stratford hacker infected the system and jammed their email, telephone system and also affected certain functions of their website. On 14 April 2019, the hacker gained access and infected eight City government computer servers with a ransomware. The computers contained personally identifiable information.
According to a City staff, there is no evidence of identity theft or transfer. Servers were disconnected from the internet and on 17 April, they started a negotiation with the hacker. After successful negotiation with the hacker over the ransom, they decrypted all the computer systems on 25 April using the decrypted key obtained from the hacker.
For now, business is back to normal as they have managed to get things back to as they were. However, the police investigation is ongoing. It is also expected that all vulnerabilities in their system would be dealt with and all securities upgraded. In a statement issued by Mayor Dan Mathieson, he said they decided to engage in a negotiation upon the request from their insurer. However, how the amount and the method of payment agreement were reached was not revealed.
Carmi Levy stated emphatically that Stratford City would not have paid the ransom had they taken security serious and backup their data. He stated that the fact that they decided to pay the ransom means they were not in the habit of backing up their data and checking up if restored files were done properly, leaving them with no option to secure their sever elsewhere. He admitted that they were punished with a ransomware for a lack of concern for their vulnerabilities.
Image Source: www.pandasecurity.com
Cybercriminals launching a ransomware attack on municipal governments is not new. In 2018, a similar incident happened when a hacker attacked the municipal governments in Midland and Wasaga beach. The Midland authorities paid a ransom of eight bitcoins while the authorities in Wasaga beach paid three bitcoins as ransom.
Over the years, the police and cybersecurity experts have advised individuals and organizations against paying requested ransoms. The reason is to prevent hackers from engaging in a ransomware attack in the future on the same institution. It is believed that when a ransom is paid, they are invited to launch more attacks for more money. In most cases, when the ransom is not paid, the affected company incur more cost to recover from the damages.
To avoid incurring all these costs, it is advised that government institutions should take basic security more serious as hackers do not target, but they take advantage of vulnerabilities.
Source: Stratford Herald Beacon
Disclaimer: Darkweblink.com does not promote or endorse claims that have been made by any parties in this article. The information provided here is for the general purpose only and unintended to promote or support purchasing and/or selling of any products and services or serve as a recommendation in the involvement of doing so. Neither Darkweblink.com nor any member is responsible directly or indirectly for any loss or damage caused or alleged to be caused by or in relation with the reliance on or usage of any content, goods or services mentioned in this article.