Hamilton spent $5.7 million recovering from February ransomware attack: report
Less than half of city's online 'applications' restored, says Deloitte. City plans to spend millions more
The City of Hamilton has spent $5.7 million dealing with the ongoing impacts of a ransomware attack in February.
In the first report made public about the cybersecurity incident, city staff detail the extent of the impacts and costs since it happened Feb. 25. The report will be considered by council at a general issues committee meeting Wednesday.
The $5.7 million was used for external experts, infrastructure, staffing and other costs, and the city is still in the midst of restoring services, staff say. This cost is being covered through the 2024 budget.
The city also plans to spend another $33.6 million between 2025 to 2033 to strengthen the city's cybersecurity and modernize and digitize services, says the report. The city could draw money from pre-approved technology and security projects, reserves or delay some capital projects to minimize the impact on taxpayers.
The ransomware attack shut down almost all city phone lines, paralyzed city council and impacted dozens of services including the bus schedule app, library WiFi and permit applications. The city maintains that there was no indication personal information was stolen.
The city decided not to pay the ransom and to rebuild its systems instead. It hasn't revealed how much the hackers were demanding.
Impacts continue for fire department, public health
Of the 228 online "applications" impacted, less than half — or 45 per cent — have been restored, although priority was given to those that were deemed "critical," says a presentation prepared by Deloitte for Wednesday's meeting.
Deloitte is one of the companies hired by the city to respond to the incident.
It will take years for the city to fully recover, says the presentation.
"There is still a long road ahead, but we continue making good progress to restore and protect many of our critical networks and systems," said City Manager Marnie Cluckie in a news release.
"We are mindful that this work comes at a cost, and are exploring all options to ensure the very best value for taxpayer money in a way that also considers both immediate needs and the future state of the city's services."
According to the report, staff are using manual processes for services that continue to be impacted, or temporarily relying on external sources like DocuSign and QuickBooks. The services that continue to be impacted include:
- Permit applications and licensing
- Fire department records management
- Fire department paging and alert system
- Asset management
- Public health inspections
- Traffic signal system management
- Business management application suite
- Museum collections management
- Utility locate service
- Corporate customer relationship management platform
- Facility management
- Point of Sale (POS) system
With files from Bobby Hristova