Cyberattack costs Woodstock $667K
The city decided not to engage with the hacker, no ransom handed over
The city of Woodstock spent $667,627 to resolve a cybersecurity attack earlier this year.
According to staff report, the municipality spent more than $560,000 on a cybersecurity company, Deloitte, which helped them contain, investigate, and recovery from the breach.
Chief administrative officer David Creery said they never paid a ransom.
"There's not necessarily a demand … the screen will provide two email addresses that are untrackable," he said. "Those are the email addresses you would need to use to engage with the threat actors."
Creery said the municipality had already backed up all the data that became encrypted and inaccessible, and decided early on not to engage with the hacker.
"We have a very diligent IT team that has a ritual of backing up all our systems. So we didn't feel like we should be paying for something we already had," he said.
"If we had reached out and paid ransom, we would have gotten the keys back to our network faster, we would have been able to get back our system quicker, but we would have been working with a system that can't be trusted," said Creery.
City services that used a third party software– like transit, facility booking and recreation programming – continued to operate after the attack. The city's own network had to be disconnected from the Internet, Creery explained.
"While people could use our transit system, the difficulty would be if one of our transit buses broke down and we had to bring it back to our shop to diagnose the problem," he said. "To diagnose you need an Internet connection, and we couldn't deploy Internet without [risk]."
Creery said the attack was largely resolved within two months.
A full breakdown expenses related to the attack was on the agenda at Tuesday's city hall meeting. It says the city also spent nearly $55,000 on overtime compensation for staff and $31,000 on firewall and network support.
"The cost is commensurate with the size of the network that we have and the complexity of the network," said Creery. "The bigger the network, the more complex, the more connections you have, the more cost it is to rebuild."