Canadian Town St.Marys Becomes Victim Of Ransomware Attack
A ransomware outbreak that encrypted data and locked personnel out of internal systems affected the Canadian town of St. Marys, Ontario.
The tiny community of 7,500 people appears to be the latest victim of the renowned LockBit ransomware organization. On July 22, a post on LockBit’s dark web page claimed townofstmarys.com as a ransomware victim and displayed encrypted and stolen files.
According to a press release by the town’s local representatives it is being said that the attack is being investigated and will soon be resolved:
“We have a skilled and knowledgeable team of Town staff, cyber security experts and legal counsel working around the clock to resolve any issues related to this incident. I have full confidence in our team and want to assure the public that protecting their privacy is our top priority.”
-Mayor Al Strathdee
After systems were locked, the LockBit ransomware group sent the municipality a demand for payment, according to Strathdee, but the town has yet to make any payments. In general, ransom payments are prohibited by the Canadian government’s cybersecurity counsel, according to Strathdee, but the municipality will comply by the incident team’s recommendations for how to proceed.
Images posted on the LockBit website depict the Windows operating system’s file structure, which includes directories for departments including finance, health and safety, sewage treatment, property files, and public works. The town was given a deadline to pay to have its systems unlocked in accordance with LockBit’s standard operating procedures, or else the data will be made publicly available online.
Smaller communities are increasingly becoming the target of sophisticated international ransomware groups with vast technical resources and understanding. The FBI’s cyber division warned government partners in the private sector in March that ransomware attacks were “straining local US governments and public services.”