Another Ontario municipality reports a cybersecurity incident

A town in Ontario’s Muskoka region has become the latest municipality to be hit by a cyberattack.

 

The Town of Huntsville said its municipal office would remain closed for a second day Tuesday and some municipal meetings were being rescheduled as specialists investigate a “cybersecurity issue” that came to light over the weekend.

 

The town said it currently has no evidence that any sensitive data, including personal information, has been compromised.

 

“Upon discovering this incident, we initiated our incident response protocol and we took immediate steps to secure our network against further unauthorized activity,” it wrote.

 

“The investigation, led by the cybersecurity specialists the town has engaged, is currently ongoing.”

 

The town said the precautionary measures taken have affected some of the municipality’s online services and systems.

Some municipal and council email addresses have been affected but customer service representatives are available by phone. Huntsville’s library was shut down on Monday but was expected to be open Tuesday. Several municipal meetings have been rescheduled.

 

 

“The town is committed to being as transparent as possible regarding this incident and its implications for our community,” the municipality wrote.

 

Huntsville is the latest Ontario municipality to report a cybersecurity incident in recent weeks.

 

Officials in Hamilton said last week that they have engaged experts, insurers, lawyers and others in their efforts to completely restore the city’s systems following a Feb. 25 attack.

 

Systems used for online payments or licence applications have been affected in Hamilton, and municipal staff are processing routine transactions manually or accepting cash wherever possible. An investigation is also underway to determine if any personal information was accessed or compromised.

 

The Hamilton cyberattack came after similar attacks on two city-owned institutions in Toronto: the public library and the zoo, two incidents that exposed sensitive employee information.

 

Charles Finlay, executive director of Toronto Metropolitan University’s Rogers Cybersecure Catalyst, has said the breaches are an example of the seriousness of such cyberattacks, which have increasingly targeted municipalities in recent years.

 

 

Finlay said every municipality needs to establish a plan to respond to that kind of crisis, adding it’s not a question of if they’ll be attacked, but when.

 

The Association of Municipalities of Ontario has been urging members to approach cybersecurity policies and protocol as an “expansion to emergency preparedness,” saying municipalities should conduct risk assessments and address weaknesses in their systems.

 

The organization is holding a cybersecurity workshop for municipalities in partnership with the Rogers Cybersecure Catalyst later this month.

– with files from Paola Loriggio.

 

 

This article was first reported by The Canadian Press