A southern Manitoba municipality is the latest public entity in the province to be hit by a cyberattack, following an incident that exposed staff and student information in a school division’s database.
Outside experts are investigating a cybersecurity incident that affected the Rural Municipality of Ritchot’s systems Dec. 20.
“They are working diligently around the clock to make sure we’re back up and running,” Ritchot Mayor Chris Ewen said about the security firm.
Ritchot, just south of Winnipeg, decided to close its office over the holidays to allow time to “thoroughly resolve the issue,” a statement said.
Ewen was waiting for an update to learn details about the type of attack, how the RM’s systems were affected and what information, if any, might have been accessed.
The mayor said the incident was quickly detected by a cybersecurity company that monitors Ritchot’s systems.
“We do have systems in place to protect us to the best of our ability,” he said. “As soon as they detected it, they started working on it right away.”
Ewen said Ritchot will provide updates to residents when it learns more about what happened and the impact.
The RM, which includes Ile-des-Chenes and St. Adolphe, had a population of almost 7,500 as of the 2021 census.
The Canadian Centre for Cyber Security has warned about an increase in “cyber threat activity” against municipal and provincial governments.
A report published in October 2022 said the centre was aware of more than 100 cases that targeted municipalities since 2020.
About $470,000 was stolen from an account belonging to the Municipality of WestLake-Gladstone in a cyberattack in December 2019 and January 2020.
Last week, Pembina Trails School Division in southwest Winnipeg confirmed a database containing student information and photos was breached in a Dec. 2 cyberattack.
On Dec. 5, Manitoba Justice said a third-party firm that collects overdue court-ordered fines had reported a cyber incident.
Personal information belonging to University of Winnipeg students and staff was stolen in March. A month later, details about clients and staff at Mount Carmel Clinic in Winnipeg were accessed.
“We’re seeing school boards and municipalities getting breached on a more frequent basis, and the impacts of breaches becoming more devastating,” said Toronto cybersecurity consultant Ritesh Kotak.
He said municipalities, universities, school divisions and hospitals are targeted by hackers because they hold large volumes of personal information that can be held ransom or sold on the dark web.
Kotak said phishing and ransomware are the most common attacks.
Some phishing emails try to dupe a user into clicking on links or downloading attachments, which contain a virus or malware, that look like they’re from a legitimate sender.
Ransomware is a form of malware that allows cybercriminals to encrypt, steal or delete data before demanding payment to restore access.
Statistics Canada said 13 per cent of all businesses affected by cybercrime in 2023 were hit by ransomware attacks, up from 11 per cent in 2021.
Almost 90 per cent of victims did not make a ransom payment. Of those that did, 84 per cent paid less than $10,000, while four per cent paid more than $500,000, StatCan said.
The centre for cyber security website says basic practices — such as multi-factor authentication, strong passwords, and training for staff — would prevent the vast majority of ransomware incidents in Canada.
Kotak said organizations should draft and test contingency plans.
Manitoba auditor general Tyson Shtykalo called for improvements to Shared Health’s cybersecurity response plan last week.
His audit found training sessions were not held with all employees, an external communications plan was incomplete and incident-response tests were not done. Shared Health said Shtykalo’s recommendations will be implemented.
Denys Volkov, executive director of the Association of Manitoba Municipalities, said cybersecurity is a growing concern for local governments.
The association has shared information with its 130-plus members and held sessions to help mitigate risks to cyberattacks and data breaches, he said.
“However, as the complexity and frequency of these threats continue to grow, it is important for municipalities to stay vigilant by conducting regular assessments and implementing proactive measures to protect operations and sensitive information,” Volkov said in a statement.
“The (association) is committed to helping municipalities navigate these challenges and continues to encourage members to reach out for guidance and support.”
chris.kitching@freepress.mb.ca
Chris Kitching
Reporter
Chris Kitching is a general assignment reporter at the Free Press. He began his newspaper career in 2001, with stops in Winnipeg, Toronto and London, England, along the way. After returning to Winnipeg, he joined the Free Press in 2021, and now covers a little bit of everything for the newspaper. Read more about Chris.
Every piece of reporting Chris produces is reviewed by an editing team before it is posted online or published in print — part of the Free Press‘s tradition, since 1872, of producing reliable independent journalism. Read more about Free Press’s history and mandate, and learn how our newsroom operates.
Our newsroom depends on a growing audience of readers to power our journalism. If you are not a paid reader, please consider becoming a subscriber.
Our newsroom depends on its audience of readers to power our journalism. Thank you for your support.