The city of Stratford, Ontario has responded to what it believes is a cyberattack on its systems.
Earlier this week city officials posted on social media that the city was “currently managing what appears to be a cyberattack.” The city believes its email, online forms, and even phone capabilities were compromised by the apparent breach.
Officials have also assured the public via social media that “resources have been deployed to address this and appropriate risk management plans are being followed.”
After an investigation on Monday, officials determined that no personal information had been compromised. But the city’s switchboard operator told CBC News that the city’s phone system, which includes individual extensions, was malfunctioning following the attack. The operator said calls to the city went straight to voicemail, which officials were unable to access.
The phone malfunction was so debilitating that city staff had to take notes by hand, delivering them to the appropriate office.
With Stratford staff being so tight-lipped about the nature of the data incident, it can be hard to tell what exactly the city is dealing with, noted cybersecurity expert Alexandar Essex from the Whisper Lab at Western University in London.
“However, when I hear about a great number of subsystems going down at the same time, it seems less likely that it would be some kind of uber-cyberattack and more likely that they are preventatively shutting down those subsystems to protect themselves,” Essex told CBC News.
Essex added that municipalities are tempting targets for cyberattackers since city systems carry a lot of data. He explained that, for instance, confidential emails between city councillors “might illuminate what they’re thinking and what their plans are on proposed legislation, bylaws and so forth.”
But there are many other reasons why cyberattackers would target a city, the expert warned.
Essex hypothesised that the attackers selected Stratford because cities usually deal with a lot of high-value land contracts.