Toronto library, zoo attacks show public bodies need to boost cybersecurity: experts
Advertisement
Read this article for free:
or
Already have an account? Log in here »
To continue reading, please subscribe:
Monthly Digital Subscription
$1 per week for 24 weeks*
- Enjoy unlimited reading on winnipegfreepress.com
- Read the E-Edition, our digital replica newspaper
- Access News Break, our award-winning app
- Play interactive puzzles
*Billed as $4.00 plus GST every four weeks. After 24 weeks, price increases to the regular rate of $19.00 plus GST every four weeks. Offer available to new and qualified returning subscribers only. Cancel any time.
Monthly Digital Subscription
$4.75/week*
- Enjoy unlimited reading on winnipegfreepress.com
- Read the E-Edition, our digital replica newspaper
- Access News Break, our award-winning app
- Play interactive puzzles
*Billed as $19 plus GST every four weeks. Cancel any time.
To continue reading, please subscribe:
Add Winnipeg Free Press access to your Brandon Sun subscription for only
$1 for the first 4 weeks*
*$1 will be added to your next bill. After your 4 weeks access is complete your rate will increase by $0.00 a X percent off the regular rate.
Read unlimited articles for free today:
or
Already have an account? Log in here »
Hey there, time traveller!
This article was published 14/02/2024 (596 days ago), so information in it may no longer be current.
TORONTO – As the Toronto Public Library gradually works to restore full service following a crippling October cyberattack, experts are warning that public organizations need to find ways to bolster their ransomware defences, despite having limited resources.
A few months after the library attack, another city-owned institution suffered a digital breach: the Toronto Zoo announced last month that personal information of its current, former and retired employees had been stolen.
The zoo has said the attackers gained access to past earnings information, social insurance numbers, birthdates, phone numbers and addresses of employees going as far back as 1989.
A local library network and a city zoo may not immediately seem like prime targets for the global ransomware industry, but one expert said they have a lot to offer prospective attackers.
Charles Finlay, the executive director of Rogers Cybersecure Catalyst at Toronto Metropolitan University, said public organizations make good targets because they store substantial amounts of personal employee data and because taxpayers expect them to be open and functioning.
Public organizations “are not going to be able to stay out of operation for very long and this provides leverage to the ransomware attackers to extort (payments),” he said. “Attackers view these organizations as having the resources to pay significant ransoms.”
There is no indication the library paid a ransom, but restoring services has been a painstaking process.
In a statement released Monday, more than three months after the attack, the Toronto Public Library said it was beginning to put books back on shelves but that its catalogue and personal accounts would likely remain offline until later this month.
The zoo attack appears to have been significantly less damaging in terms of operations, but the zoo has offered all potentially affected current and former employees a complimentary two-year credit monitoring service as a “proactive step.”
Finlay said that to guard against future damage, public organizations need to embrace cybersecurity best practices, including two-factor authentication, regular software and password updates and not clicking on links in emails from untrusted senders.
Attackers adjust quickly and public bodies need to evolve as the threats change, he added.
“Ransomware is a multibillion-dollar global industry,” he said. “It’s exceptionally lucrative. It is a very sophisticated industry with its own supply chains. It’s an industry that innovates at a very fast pace.
“If you can make it just a little bit more expensive, a little bit more difficult for a ransomware gang to successfully attack your organization, they will go and look for something else to do,” he said.
Cybersecurity expert David Shipley, of Beauceron Security in Fredericton, noted that attackers typically strike in areas where they don’t live, to reduce the likelihood of being pursued by law enforcement.
“Most cyber criminals know it’s really, really dumb to hack in the same jurisdiction where you live, because that’s when you’re most likely to actually get caught and prosecuted,” he said.
Kim Crawley, a prominent cybersecurity writer, noted that even corporations that make substantial profits often struggle to budget enough for digital security.
“So imagine if you are an entity that’s a government service that does not exist to generate profit, like the library,” she said.
“Those entities don’t exist to make money, so there might be even less incentive to spend money on cybersecurity. And then you can’t even just decide to spend money on cybersecurity, because then what if that gets to be challenged in the library board or in city hall?”
Public and community bodies should look to pool resources to enhance their collective defences, she said.
The City of Toronto has said recently it is looking to bring its various boards and agencies under a single central IT system. The city said neither the zoo nor the library were part of its central IT systems prior to the recent attacks, nor did they fall under the responsibility of the Office of the Chief Information Security Officer.
Crawley said one challenge is that some decision-makers still view cyber expenses as a waste of money.
“I hope that this is a wake-up call for the Toronto Public Library and other organizations,” she said. “If they can’t afford to run their own security operation centre, they can share a security operation centre with other organizations.”
This report by The Canadian Press was first published Feb 14, 2024.