Phased return of municipal services begins, will continue over next few weeks
The Resort Municipality of Whistler (RMOW) has restored some of its online services following a cybersecurity incident. Restoration of most critical services is expected by the end of the month.
- The full version of the RMOW’s website, whistler.ca is back online, however, some payment features remain unavailable.
- Email services are now back online. Municipal departments are responding to emails in the order they were received.
- The program for issuing property tax notices has now been restored and property tax notices will be mailed to homeowners in the coming days. The online system for viewing property tax notices remains offline. The property tax deadline for 2021 is July 30. However, in response to ongoing COVID-19 impacts to businesses and residents, penalties will not be charged on late payments until October 1, 2021.
- Full details of available services and a restoration timeline can be found at www.whistler.ca
The RMOW’s business continuity group has been prioritizing services so that remaining critical systems required for permits, payments and communications can be restored as soon as possible. In most cases, the RMOW’s network is being re-built from scratch or near-scratch to ensure resiliency against known future cyber threats going forward.
“RMOW staff have been working diligently seven days a week for six weeks to aid in the investigation and bring our network back online,” said Virginia Cullen, Chief Administrative Officer. “We recognize the disruption caused by the cybersecurity incident has been a significant inconvenience for many of our community members, especially those that rely on our building and planning departments. We are keen to turn our focus toward addressing the backlogs that this situation has caused. Thank you to everyone who have shown our staff kindness and patience during an incredibly stressful time.’
The RMOW suspected a cybersecurity incident affecting its servers and pulled all online systems offline on April 27, 2021 to protect the RMOW’s network. Cybersecurity experts were immediately brought in to investigate the incident. RCMP were notified and opened a criminal file on the incident.
At this point in time, experts leading the investigation believe that access to the RMOW’s network was the result of a zero-day vulnerability. A zero-day vulnerability is an unknown flaw in software that exposes a vulnerability before it is widely known, and before a fix is available. The RMOW did not receive a ransom request, nor did the RMOW make any payment to, or engage in dialogue with, the threat actors. The RMOW’s servers were not encrypted, nor did the RMOW lose access to them.
“Cybercriminals are innovating at a rapid pace, growing more sophisticated,” said Daniel Tobok, Chief Executive Officer (CEO) of Cytelligence, a leading international cyber security firm. “Organizations are frequently impacted to such a degree where operations completely come to a halt. Cyber-attacks need to be top of mind for all organizations, whether big or small, and they should have a comprehensive cybersecurity strategy that includes an incident response plan. The Resort Municipality of Whistler was able to resume operations in a relatively timely manner because they were prepared and had a plan in place.”
To date, the investigation has determined that only private personal information of RMOW employees was impacted and has not found evidence that any of the public’s private personal information was compromised. The investigation is ongoing and the RMOW has employed dark web monitoring services to continue to monitor for any private information that could be posted to the dark web. Should the investigation findings reveal that any additional data or information in the RMOW’s care was compromised, the RMOW will notify those impacted, providing them with guidance to help ensure the security and protection of their data.
The RMOW has engaged the Office of the Information and Privacy Commissioner for B.C. in responding to the incident as the RMOW is legally required to protect all personal information in its care. The RCMP and national cybercrime units continue to pursue the associated criminal case.
The most up to date details regarding the RMOW’s cybersecurity incident as well as information about services restoration can be found at www.whistler.ca