Cybercrime is on the rise across the globe – and Canada is no exception. Ontario Provincial Police have recently issued a warning against hackers trying to gain unauthorized access to local governments systems in a series of ransomware attacks.
Ontario Municipalities Hit by Hackers
Municipal governments in Ontario saw a wave of ransomware attacks earlier this fall, with hackers locking down systems and demanding ransom to restore them. Police did not disclose how many instances have been recorded, but at least two local governments have fallen victim and the mayor of one of the municipalities who saw their systems compromised by the cybercriminals stated that numerous other incidents have occurred.
Midland, Ont., was attacked on September 1 st – but the municipality had luckily opted for an insurance policy after hearing of a similar incident in nearby Wasaga Beach, Ont. This has helped mitigate the financial effect of the attack according to Midland’s mayor, who also stated that the officials succeeded in isolating those online systems related to police, water, and fire municipal services from the attack. He also commented that no personal data of the municipality’s residents appears to have been compromised.
Police Advocate Users to Increase Focus on Cybersecurity
The hackers usually demand payment in Bitcoin or altcoins to further evade detection by law enforcement, and OPP has clarified in a statement that it does not encourage paying the ransom. According to the officials, it is far from guaranteed that payment will result in the criminals unlocking the data and it only ends up in inviting more criminal activity.
Instead, they urge victims to reach out to their local police – and also to take cybersecurity measures to prevent hackers from gaining access in the first place. These include installing a WAF on local municipality websites’ login pages to protect web applications from threats like SQL injection and cross-site scripting, keeping regular backups of data, and training personnel to recognize threats. According to police authorities, many of the attacks were perpetrated through phishing emails that dupe users into clicking on malicious links. In other instances, the attack was launched by direct hacking into a system through exploiting its flaws.
Cybercrime on the Rise Globally and at Home
The series of attacks has come at the heels of other news reporting on the rise of cybercrime in Canada. According to the first Canadian Internet Security Survey that was reported on globalnews.ca on March 22 nd , 2018, almost 1 in 3 Canadian businesses have fallen victim to phishing attacks in 2017.
Carried out by the Canadian Internet Registration Authority, the survey also revealed that 77% of those small enterprises that manage their own domains state that they are worried about being attacked by hackers – but only 36% of those surveyed said that they are directing funds towards better cybersecurity. In April 2018, the RCMP announced that it had taken part in an international operation to take down a website that offered to carry out DDoS attacks for as little as €15 ($18). More than 136,000 users were registered in the website that had launched roughly 4 million attacks before authorities took it down, leading to arrests in Canada, Croatia, Serbia and the United Kingdom.
As cybercrime rises and Ontario gets a taste of the global phenomenon, police efforts to tackle hackers internationally and at home intensify, while organizations and individuals alike are advised to be more cautious online.