The city is also reportedly working with legal counsel, insurers, and authorities, including the Hamilton Police Service. Photo Credit: Unsplash.
As multiple City of Hamilton services continue to be inaccessible due to an ongoing cybersecurity incident, officials announced to the public that the incident is a ransomware attack.
A ransomware attack is when malware is used to lock IT systems, making them inaccessible until a ransom is paid.
The attack started on Sunday, Feb. 25, meaning that the incident has now been ongoing for almost three weeks, impacting city emails, phone lines, and various portals.
The announcement that the incident is a ransomware attack did not come until Tuesday, March 5, with the city reluctant to give out too much information to the public.
On March 5, Hamilton Mayor Andrea Horwath and City Manager Marnie Cluckie provided a media update and fielded questions, confirming some information but refusing to provide further details.
Answering a question from the media asking if the city has been negotiating with the perpetrators of the cyberattack, Cluckie simply said: “We have to make sure that we are careful with sensitive information, but we will share information as soon as we are able.”
Asked further whether the city would consider paying any sort of ransom, Cluckie said: “I can assure you we are going to do what is best for the city.”
The city also revealed additional information, confirming that “at this time, the city does not believe that people’s personal data or information has been accessed.”
The city also says that the Toronto-based cybersecurity company CYPFER has “been retained through legal counsel to provide forensic investigation and incident response.”
CYPFER’s website notes that they provide “24/7 service to businesses, organizations, and governments any time on a global scale.”
Their Chief Executive Officer is Daniel Tobok, who describes himself as “a veteran and visionary of cyber security, intelligence and resilience.”
CYPFER’s site also mentions that the company provides ransomware negotiation and settlement as part of their services.
It is unclear how much the city is paying CYPFER.
The city is also reportedly working with legal counsel, insurers, and authorities, including the Hamilton Police Service.
It was also announced that the city will conduct a “full review” when systems are up and running again “to identify where changes and improvements may be needed and to help prevent a similar incident from happening in the future.”
As for when services will be restored, the municipality “can’t provide a concrete recovery timeline at this time” so residents will have to go without some services for the foreseeable future.
For comparison, a ransomware attack targeting Toronto Public Library began in October 2023 and several services were not restored until February 2024.
Updates regarding impacted services are being provided by the City of Hamilton at www.hamilton.ca/cyberincident.
Based in Hamilton, he reaches hundreds of thousands of people monthly on Facebook, Instagram, TikTok, and Twitter. He has been published in The Hamilton Spectator, Stoney Creek News, and Bay Observer. He has also been a segment host with Cable 14 Hamilton. In 2017, he received the Chancellor Full Tuition Scholarship from the University of Ottawa (BA, 2022). He has also received the Governor General’s Academic Medal. He formerly worked in a non-partisan role on Parliament Hill in Ottawa.
