The City of London’s IT director says the department is doing what it can to protect against cyberattacks.
Mat Daley’s reassurance comes a day after the City of Woodstock fell victim to an apparent cyberattack and months after a similar situation in Stratford that resulted in a $75,000 payment to unlock its data.
“Yes, I’ve spent some sleepless nights, me and my team, thinking about this circumstance,” Daley told Global News Radio 980 CFPL.
“We continue to invest intelligently and, through that, we can do the best work that we can to defend against this situation.”
Daley says the city uses a “risk-based approach” that accounts for hundreds of variables.
“What that means is we have four key domains that we mature our technology on, the first being governance, the second being prevention, the third being detection and the fourth being response,” he said.
A local tech expert, however, notes that human error is the biggest risk in these types of incidents.
“Every time you hear about ransomware, there’s always a human in the link, and that human was not well trained,” Carmi Levy explained.
“The fact that Stratford and Woodstock have been victimized so closely together, it’s eye-opening. We don’t know if it’s the same perpetrator, but it almost doesn’t matter. What we are seeing is cities are not prepared for this kind of thing.”
On Monday, Woodstock CAO David Creery confirmed that a computer virus was preventing the city from accessing its emails and data. The incident began over the weekend and “has the appearance of a ransomware attack,” but as of Monday evening, the city said it had not received a ransom demand.
The incident in Woodstock is under investigation by the OPP and city police.