Cyberattack on Clarence-Rockland should be warning to others, expert says

One cybersecurity expert says a string of attacks in the Ottawa-Gatineau region, including one on the city of Clarence-Rockland, Ont. on Thursday, should be a signal to others to bolster their own computer and data security. 

A week before the eastern Ontario municipality was targeted, the Kemptville District Hospital also reported a "cybersecurity incident". In early September, Gatineau transit officials reported a cyberattack on the Société de transport de l'Outaouais (STO).

"The situation that we are becoming more and more accustomed to is cyber-criminals scanning the internet completely, far and wide, and looking for vulnerable systems," says Steve Waterhouse, an information security lecturer at Université de Sherbrooke and a former information systems security officer with the Department of National Defence.  

"So whether it's a small town, a hospital or even a critical-infrastructure industry — everybody is subjected to these attacks."

'All the look and feel of a ransomware attack'

According to the Ontario Provincial Police (OPP), its crime unit is investigating the attack on Clarence-Rockland, located east of Ottawa, with the assistance from the OPP Cybercrime Investigations Team.

Few other details about the attack have been made public. 

The city has shut down its email service as a precaution and is working with experts to get its system back up and running.  

"Clarence-Rockland has all the look and feel of a ransomware attack," Waterhouse said. "Meaning that essential systems of the municipality were frozen [and] are currently paralyzed."

The risk for ransomware attacks remains high, with the global pandemic only worsening the financial situations of people around the world.

• Toronto transit system hit by ransomware attack, TTC says no significant disruptions

He said that's forced many to find alternative ways to make ends meet.

Waterhouse says automated online systems are constantly searching for weaknesses in institutions and businesses, trying to find lucrative victims. 

People working from home can also create more vulnerabilities for these systems to exploit, he said. 

The Canadian Centre for Cyber Security has noticed an increase in cyber threats related to the COVID-19 pandemic, including ransomware attacks on the country's front-line health care and medical research facilities.

According to its research, small and medium-sized organizations, which include municipal governments, are "most likely to face cyber threat activity in the form of cybercrime."

"The COVID-19 pandemic has demonstrated just how much the Canadian economy relies upon our digital infrastructure, and we assess that these threat actors will almost certainly continue using thematic lures for malicious phishing attempts, including COVID-19 and health-related themes," Evan Koronewski, a spokesperson with the centre, wrote in an email to CBC. 

To better protect themselves from such threats, the centre recommends people and organizations patch and accept software updates and updates for electronic devices, watch for phishing scams, store data securely, know one's back-up procedures and practice good password etiquette and multi-factor authentication.

While criminals rarely seek them out in advance, Waterhouse said small towns or other governments can be particularly enticing, as they typically have some form of cyber insurance. Many are also unable to have their systems frozen for long periods of time and are willing to pay a ransom to have them released.

"This municipality is in a standstill, electronically speaking," Waterhouse added.

He said the common denominator in all three recent attacks in eastern Ontario and western Quebec appears to be a lack of preparedness, noting that "ignoring what is happening around won't protect you."

• STO targeted by weekend cyberattack

But he said the city of Clarence-Rockland, the Kemptville hospital and STO took the responsible step of letting the public know they had been breached. 

"Everybody can learn from these situations. And I encourage any victims to come forward about these cyber crimes and let people know, 'Well, this was our turn.'"