The Resort Municipality of Whistler (RMOW) has suffered a ransomware attack that forced them to shut down their network, website, email, and phone systems. Due to this disruption, all online activities and certain in-person municipality activities have been suspended.
The Resort Municipality of Whistler (RMOW) is a resort community with approximately 12,000 residents and over three million visitors annually.
The company’s Chief Administrative Officer Virginia Cullen said of the incident: “I appreciate that this is having a large impact on our community already challenged by COVID- 19, as well as Whistler property owners and those who have accessed RMOW services in the past…Although we have robust protections in place to prevent this type of illegal event, these cybercriminals breached our server.”
While the attack was ongoing, the Whistler.ca website was hacked to display a message stating that the site was under construction and that visitors should contact support at an included Tor dark web URL.
This concerning message indicates that RMOW’s network has been encrypted and that unencrypted files were stolen during the attack, which has become common in ransomware attacks.
Looking at the serious issue and nature of the attack for Digital Journal is Gary Ogasawara, CTO, Cloudian.
According to Ogasawara, this latest attack is part of an accelerating trend: “Ransomware attacks on cities have been increasing in the past two years, causing significant revenue loss, system downtime and reputational damage.”
The situation could get worse unless action is taken, says Ogasawara. He notes: “Without the proper defense in place, any city or municipality can wake up to find their data being held hostage by cyber criminals.”
In terms of the optimal defense strategies, Ogasawara recommends: “To keep its data safe and operations running without significant interruption, cities must ensure that data is protected where it’s stored. Keeping an immutable backup copy of sensitive data can protect it from alteration or deletion for a user-defined period.”
Will this be successful? There is certainly a better prospect for data recovery, as Ogasawara states: “This way, if a ransomware attack occurs, organizations can quickly and easily restore the unencrypted backup copy and resume operations without having to pay ransom.”