Hacking attacks may be a problem at home, but they can also bring entire cities to a halt. File photo

City of Penticton beefs up security against hackers

Threat from ransomware and other hacks growing

Most people have heard warnings about ransomware attacks, where your computer is taken over, and the hacker demands payment to release it.

The same thing is happening to businesses, institutions and even cities. In March, the city administration of Atlanta, Ga. was hobbled for a week with hackers encrypting city files, locking access to services and other systems.

And the hackers only wanted $51,000 in Bitcoin to let the city have control back. It’s not known whether Atlanta eventually gave in, but another U.S. city, Leeds, Al., did pay out a $12,000 ransomware.

Jim Bauer, Penticton’s chief financial officer, said city hall is aware of the threat and has prepared defences.

“Over the last two years, we’ve really enhanced our information technology security program, just in regards to ensuring we’ve got the necessary firewalls and other systems in place to prevent intrusions,” said Bauer, adding that people are as important a factor as software and hardware.

“One of the other key things we’ve done, too, is IT security awareness for our staff,” said Bauer. “One of the biggest risks you face with cybersecurity is people receiving phishing emails and other sorts of things.”

Besides educating city staff members, Bauer said they’ve also embedded a program in the email system that makes it easy for users to deal with suspect emails.

“If somebody feels something is suspicious activity, there is a little icon they can click and it is then sent to our IT help desk to investigate it further,” said Bauer.

City hall’s IT department also sends out phishing emails to test staff.

“If they recognize it, they click on it and it says ‘great job, you recognized this,’ so it provides some positive accolades,” said Bauer, adding that if a staff member does try to open one of the test emails, they get a message reminding them of the risk.

“That’s been really positive, because it is training and awareness for staff, not focusing on a punitive approach,” said Bauer. “Between those two things, enhanced firewall systems, as we have more robust monitoring of internet activity, email traffic, that kind of thing. So there is constant and continual screening for suspicious activity.

“Fortunately, we haven’t had any significant issue over the past year or so.”

Besides the possibility of a ransomware intrusion, phishing emails may try to convince staff members to give up internal information, like bank account information.

McEwan University in Edmonton found itself out nearly $11 million dollars after an accounts payable employee got duped in a spear phishing attack — phishing with a specific goal and information — and was convinced a legitimate vendor wanted the university to use a new bank account.

A few days after the change was made, and $11.8 million paid into it, the real vendor called, wondering why it never got paid.

“I think generally our staff is well-versed on those social engineering kinds of things,” said Bauer. “I personally have received a number of email from people with fictitious emails that purport to be the mayor, or even (CAO Peter Weeber) saying ‘Jim, can you get that banking information for me to help me make the payment?’ It’s amazing the things people are coming up with.”

Bauer said that while they don’t see much in the way of that kind of attack, the city will ramp up training and awareness if the prevalence increases.

Besides keeping up with patches and updates from software vendors, the city has taken a number of steps to arm the systems, from limiting user permissions to sophisticated software and firewalls that actively monitor network traffic looking for suspicious network activity and risks.

Even there, the human element comes into play. Bauer said the city has also utilized “white hat” hackers that attempt to compromise the city’s system and identify areas of weakness.

It’s a threat that isn’t going away anytime soon. A study commissioned by cybersecurity company Cloudmark showed that 84 per cent of the enterprises surveyed had a spear phishing attack penetrate their organization’s security, and the RCMP reported that in 2016, ransomware attacks already numbered 3,200 per day.


Steve Kidd
Senior reporter, Penticton Western News
Email me or message me on Facebook
Follow us on Facebook | Twitter | Instagram

Just Posted

Barley Mill Brew Pub adds second event for fundraiser for Willowbrook mother with cancer

Tickets to the dinner event on April 6 sold out, added a lunch event the same day

Armchair Book Club: Kate Atkinson’s Transcription stands well among her work

Heather Allen is a columnist for the Penticton Western News

League championship for Okanagan middle school

KVR Express boys basketball team wins league championship over Summerland Middle School

Top 5 unique accommodations on Airbnb in Penticton and area

Whether you’re looking for seclusion, charm or luxury, these venues have you covered for your stay

Column: Why your next vehicle might be electric

First Things First Okanagan column: Meeting the climate challenge

Sparks fly as SUV speeds down wrong side of Highway 1 trying to flee RCMP

Captured on video, the vehicle headed westbound against oncoming traffic before crashing

Judges on Twitter? Ethical guidance for those on the bench under review

Canadian judges involvement in community life are among issues under review

Trudeau calls May 6 byelection for B.C. riding of Nanaimo-Ladysmith

The riding opened up when Sheila Malcolmson resigned in January

Four people displaced by Taylor Road fire

The Kelowna Fire Department say no one wass injured and the cause of the fire is not suspicious

Calgary captain has 3 points as Flames torch Canucks 3-1

Giordano leads way as Alberta side cracks 100-point plateau

Okanagan woman launches sewing studio

“I know there’s a lot of people up and down the valley that would love to sew.”

1,300 cruise ship passengers rescued by helicopter amid storm off Norway’s coast

Rescue teams with helicopters and boats were sent to evacuate the cruise ship under extremely difficult circumstances

Former Okanagan teen found safe after disappearing from YVR airport

Ethan Burnett, 14, was found safe in Kelowna on March 22

B.C. university to offer first graduate program on mindfulness in Canada

University of the Fraser Valley says the mostly-online program focuses on self-care and well being

Most Read