A small town about 2 hours north of Toronto is being forced to pay bitcoins to have access to its computer systems restored by hackers, the Midland Newsroom reports.
“In the early hours of Saturday, September 1, the Town of Midland became the victim of a sophisticated cyber-attack. ..(T)he Town’s network was illegally accessed and infected with ransomware. The malware was able to encrypt several Town systems rendering them unusable. “
The attack occurred at 2am on Saturday morning, and though Midland staff, “worked quickly to isolate the attack and to activate a cyber incident investigation and response,” attackers still managed to lock important data and demand a ransom paid in bitcoins to hand over the decryption keys needed to release the information.
Town official say vital services were not affected:
“Measures were put in place to separate the Town’s SCADA system (Water and Wastewater) and the Town’s emergency response for Fire and Rescue operates independently from the Town IT system.”
Cyber security consultants have advised the town to pay the ransom, and town officials say that Midland was already insured and had a relevant strategy in place to deal with these types of attacks, attacks experts say are becoming more common.
The town is now working to procure the bitcoins needed to pay the ransom.
Although Midland officials state that they do not know how the malware got into town IT systems, the most common way that malware is introduced is through “phishing” emails.
A cyber security consultant told a story recently at a Vegas crypto conference about a cryptocurrency exchange that was hacked through an employee.
The employee was a super fan of dog shows. Hackers profiled that individual and solicited him or her at work to open an email about a fake “dog show” event they had fabricated.
Opening the email at work on a work system allowed the malware to flow in.
Bitcoins and other cryptocurrencies are very often demanded in these types of attacks because they can be transmitted globally without the involvement of banks.
So far, say Midland officials, the security experts have determined that no sensitive information was improperly accessed or stolen in the attack.
Midland Mayor Gordon McKay had this to say:
“Residents can rest assured that we are taking this matter extremely seriously. We are working closely with cyber security experts that specialize in these types of illegal attacks, and we have reported the incident to law enforcement and the Information and Privacy Commissioner of Ontario. We thank our residents and businesses for their patience and continued support during this situation.”