Ca: Community Care discloses ransomware incident
I must admit that I am pleasantly surprised to read how this non-profit had a great response to a ransomware attack.
Community Care of St. Catharines and Thorold is still reeling from a cyberattack that shut its computers down for more than a week.
The local food bank’s CEO, Betty-Lou Souter, said Community Care’s systems are back up and running, but the ransomware attack has reinforced the need for cyber-vigilance.
“It is easy to open the door, but once it’s open it can be very hard to close,” Souter said.
She said Community Care’s servers were attacked by the NW4 ransomware virus at 11:26 p.m. on June 28.
No one is sure how the virus got into the server, but when Community Care’s staff arrived for work on June 29, they couldn’t use their computers.
Souter said every computer screen displayed a message that said all the computer’s files were encrypted. To get access to them, Community Care would have to buy an encryption key for the price of $3,000 in Bitcoin, a unit of currency frequently used by cybercriminals.
“We didn’t pay that, obviously,” Souter said. “I immediately called our technical support guy, and he told us not to touch anything.”
But it wasn’t just their immediate response that impressed me. It was their preparation:
She said Community Care backs up its computer files on a regular basis. The technician wiped the computers and restored them using those backed up files.
Souter said Community Care’s client information files were unaffected because they are not stored on the physical server, but on a cloud.
Nevertheless, it took nearly a week for Community Care to have full access to its computers. The only data lost was information that hadn’t been captured in the most recent backup.
I wonder what their budget is for infosecurity and whether they would be willing to share their plan with others of comparable size and means.
Read more on St. Catherines Standard.