BreachExchange mailing list archives
Stratford paid $75, 091 to end recent cyber attack
From: Destry Winant <destry () riskbasedsecurity com>
Date: Mon, 23 Sep 2019 09:19:24 -0500
https://kitchener.ctvnews.ca/stratford-paid-75-091-to-end-recent-cyber-attack-1.4601497 The City of Stratford has released new details about April’s ransomware attack. They say staff first noticed issues on April 14, when several crucial servers became “unresponsive and unavailable.” The attacker had installed malware into six of the city’s physical servers as well as two of their virtual servers, and then encrypted all systems so staff members could not access any information. The city says it immediately disconnected its servers from the internet and all computers, laptops and printers were unplugged from the network to prevent further issues. Stratford then enlisted the help of Deloitte Canada who began forensically gathering evidence, including any anomalies, malicious activities or any other unauthorized access. Their efforts, however, were limited due to the encryption of those critical servers. The city says they began negotiating with the attacker on April 17. They demanded a total of 10 Bitcoins which at the time were each valued at $7,509.13. The city’s total payout was $75,091.30. A few days later, on April 25, decryption keys were received from the attacker. No significant data was compromised. “Deloitte did not identify any evidence of loss, access or disclosure of Personally Identifiable Information in relation to the ransomware incident,” said Kevvie Fowler, the Global Incident Response Leader for the auditing firm. All city operations returned to normal two weeks later, though Deloitte continued to monitor servers until May 31. Stratford has cyber insurance in place, with a deductible of $15,000, for all costs it incurred as a result of the attack. The city says Stratford Police and the OPP Cyber Crime Unit are continuing to investigate the incident. _______________________________________________ BreachExchange mailing list sponsored by Risk Based Security BreachExchange () lists riskbasedsecurity com If you wish to Edit your membership or Unsubscribe you can do so at the following link: https://lists.riskbasedsecurity.com/listinfo/breachexchange
Current thread:
- Stratford paid $75, 091 to end recent cyber attack Destry Winant (Sep 23)