Saint John staff tight-lipped as city recovers from cyberattack
SAINT JOHN, N.B. -- It's been nearly a month since a significant cyberattack caused the city of Saint John to take its website and IT services offline.
The attack was later revealed to be ransomware, where a fee or a "ransom" is demanded in order to be able to unlock encrypted files.
Now, the New Brunswick city remains in recovery mode.
"Our action plan to restore all of our services following the cyberattack we experienced in November continues to be on track and there are no significant issues to identify," said Saint John city manager John Collin.
In the weeks following the attack, however, there has been very little in the way of details, including on the ransomware demand itself, which the city has previously said it will not comment on.
There has been no word on whether any personal information was accessed or transferred as a result of this attack. The city has said that it will notify the community as soon as it knows more.
However, Canadian cybersecurity expert Dominic Vogel says the city could be doing much better when it comes to sharing information with the public about the attack.
"From what I've seen and heard, a lot of the statements have been very generic and not offering any great insight and it's one thing for a private sector organization to do that, but for a public-facing organization I find that grossly irresponsible," Vogel said.
Vogel also says ransomware has become the predominant online threat facing organizations and the question of whether to pay the ransom isn't always an easy one to answer.