A cyberattack crippled the IT infrastructure of the City of Saint John

Officials confirm that the city of Saint John was hit by a massive cyberattack that has crippled the entire IT municipal infrastructure.

The city of Saint John, Canada, was hit by a massive cyberattack that has crippled the entire IT municipal infrastructure, the incident was publicly disclosed on November 15.

The cyberattack caused the shut down of the entire municipal network, including the city website, online payment systems, email and customer service applications.

The City of Saint John is working with federal and provincial authorities to recover from the cyberattack.

Experts believe that the attack was carried out by a ransomware gang, it has been estimated that the city may take a couple of weeks to fully recover its operations.

“… It is a cyber security ‘best-practice’ to not publicly provide details that could further compromise the City’s position, including information on the effectiveness of the attack, the systems affected, and success of our containment efforts.” reads the statement published by the City. “Providing this level of detail would be beneficial to the attacker as they could attempt further attacks; it would also provide valuable information to potential copycat hackers; and could compromise investigative efforts,”

City manager John Collin confirmed that there’s no evidence that hackers have stolen personal information.

“As of today, we do not have any indication that personal information was accessed or transferred. Determining this is a priority for us. When we know more, we will notify the community immediately.” said Collin.

Collin confirmed that “critical city functions” are still operational, including transit, water and waste-water treatment services.

The Saint John Police Force is investigating the cyber attack with the support of the National Cybercrime Coordination Unit and the New Brunswick RCMP Digital Forensics Unit.

At the time it is not clear which is the family of malware that hit the City’s infrastructure, but media speculate the involvement of ransomware.

“There is no timeline yet for the restoration of our services, but it is safe to say that we are looking at weeks, not days,” Collin added without expluding the decision to pay an alleged ransom. “All options to restore our networks are still on the table,”  

Unfortunately, ransomware attacks against municipalities are becoming very frequent. Similar attacks hit seen many cities in the US, including the City of Racine, the city of New Orleans,  Key Biscayne, Riviera Beach, Lake City, Baltimore, and Palm Spring.


Resources: SecurityAffairs