A cybersecurity expert believes the City of Saint John could be more forthcoming with information about a cyberattack that crippled its IT network two months ago.
The ransomware attack on Nov. 13, 2020, forced the disabling of the city’s website, online payment systems and other network infrastructure. Temporary systems have allowed the website and some programs to return.
John Collin, Saint John’s city manager, provided an update to Saint John Common Council on Monday. He said the penetration of the virus into the network was “extensive,” and because of that, he said the city will build a brand new network rather than try to fix the old one.
Collin said he would not provide specific information about what parts of the network have been impacted by the attack, although he reiterated a previous statement that residents’ personal information appeared to be safe.
Richard Rogerson, managing partner of cybersecurity firm Packetlabs Ltd., said he’s pleased with Saint John’s handling of the situation so far.
But he said it’s concerning the City is not being more open about the nature of the attack.
“Why were they hesitant about sharing information about what systems were impacted because of the fear of copycat?” Rogerson asked.
“To me, that means there is something that is very insecure in the (network) environment and that kind of worries me.”
Rogerson said officials need to be as transparent as possible about what happened, including how the virus entered the system and what areas were affected.
Collin stressed Saint John had not paid a ransom, and would not do so without the approval of Common Council.
Rogerson said no community should pay a ransom because they are simply funding the hackers as they identify their next targets.
The cyber attack has not stopped others from attempting to corrupt the system.
Collin said the city’s security team had identified 13,000 suspicious and malicious emails sent to users of its network in the last three weeks.