Small municipalities ‘fairly easy target’ for criminals, expert says after RM of Gimli targeted in cyberattack

Listen to this article

Estimated 3 minutes

The audio version of this article is generated by AI-based technology. Mispronunciations can occur. We are working with our partners to continually review and improve the results.

A cybersecurity expert says smaller municipalities may present “low-hanging fruit” for criminals, after a Manitoba rural municipality notified residents it was the target of a cyberattack.

In a Tuesday online post, the Rural Municipality of Gimli, in Manitoba’s Interlake, said its systems were affected by what it described as a “cybersecurity incident.”

The RM did not provide additional details about the nature of the incident, but said it has hired a cybersecurity firm to investigate and assess the situation.

The municipality said it is “still determining the scope of the impact,” and will provide updates when more information is available, according to the post.

For now, the RM said its office is unable to process bill payments, and advised residents the “quickest and most reliable” option for bill payments currently is to make them directly at a bank.

The RM also said on its website it was cancelling its scheduled Wednesday morning council meeting “on short notice due to unforeseen circumstances.”

A Winnipeg cybersecurity expert says cybercriminals often target smaller municipalities, which are typically not as well protected as larger cities.

“If you look at it from the attacker’s perspective, municipalities are generally not heavily staffed, especially in terms of technology,” Marc Perreault said Wednesday.

“So they are a fairly easy target, knowing that potentially, there’s far less eyes on the system.”

The RM of Gimli could have been hit with a variety of attacks, but Perreault said municipalities are often hit with ransomware attacks — a form of malware or malicious software that seeks out data and locks it to make it inaccessible to users.

The cybercriminal groups behind those attacks usually extort their victims to pay a ransom before releasing the data, said Perreault.

Cyberattacks against smaller municipalities aren’t a significantly growing trend, he said, but they’re “not something that’s going to necessarily slow down.”

Attackers can hit from anywhere

It’s not clear what type of data, if any, may have been accessed in the latest incident.

However, generally speaking, “if people are using things like their credit cards to pay for their different utilities and taxes,” that data could be at risk, “depending on how the municipality is handling that data,” said Perreault.

The cybersecurity firm that the municipality hired will likely be “putting together a picture” of its operations to find vulnerabilities in its systems, processes or with staff, he said.

Cybercriminal groups are essentially businesses that extort organizations, Perreault said, and while they tend to operate outside of North America, some do work within Canada.

“They’re very sophisticated, and they could be hitting from basically anywhere in the world.”

Provincial and federal governments should invest more in cybersecurity for small municipalities, said Perreault.

“Frankly, with the fact these municipalities are such low-hanging fruit, I feel like it would be in the best interest [of governments] to help support these organizations and get them some funding to be able to properly protect themselves.”