The city of Hamilton is still recovering from a ransomware attack that disrupted its online services and networks on Monday. The attack has affected the city’s email, website, phone lines, and some applications. The city manager has said that there is no timeline to restore the services, and that the investigation is ongoing. Here is what we know so far about the cyberattack and its impact on the city and its residents.
What is ransomware and how does it work?
Ransomware is a type of malicious software that encrypts the data and files of a victim and demands a ransom for their decryption. The attackers usually threaten to delete or expose the data if the ransom is not paid within a certain time. Ransomware can infect a system through phishing emails, malicious attachments, or compromised websites. Ransomware attacks have become more frequent and sophisticated in recent years, targeting various organizations, institutions, and governments around the world.
How did the attack happen and who is behind it?
The city of Hamilton has not disclosed the details of how the attack happened or who is behind it. The city manager, Janette Smith, said that the attack was detected on Monday morning and that the city’s IT staff immediately took steps to contain it and protect the systems. She also said that the city has notified the appropriate authorities, including the police and the privacy commissioner, and that the investigation is ongoing. Smith did not reveal if the attackers have made any ransom demands or communicated with the city.
What services are affected and how is the city coping?
The attack has affected the city’s email, website, phone lines, and some applications, such as the online payment system, the parking ticket system, and the animal licensing system. The city has said that the essential services, such as water, wastewater, fire, and emergency medical services, are not impacted and are operating normally. The city has also said that there is no evidence that any personal or financial information of the residents has been compromised.
The city is working to restore the services as soon as possible, but has not given a timeline for the recovery. The city has asked the residents to be patient and to use alternative methods of communication and payment. For example, the residents can use the HSR app or cash to pay for transit fares, or visit the municipal service centres in person to pay for parking tickets or animal licenses. The city has also set up a temporary phone line at 905-546-2489 to answer the inquiries of the residents.
What are the implications and the lessons of the attack?
The attack has shown the vulnerability and the importance of the city’s online services and networks, especially during the COVID-19 pandemic, when many people rely on them for information and transactions. The attack has also highlighted the need for more cybersecurity awareness and preparedness among the city staff and the residents. The city has said that it will review its security protocols and policies, and that it will provide more training and education to its employees and the public on how to prevent and respond to cyberattacks.
The attack has also raised questions about the accountability and the transparency of the city in handling the incident. Some councillors and residents have criticized the city for not providing enough information and updates on the situation, and for not being proactive in communicating with the media and the public. The city has said that it is following the best practices and the advice of the experts, and that it will share more information when it is appropriate and safe to do so.
