THE mayor of Gondomar in Porto has revealed that the cyber-attack the municipality suffered in September was the ‘biggest-ever on a public institution’ in Portugal.
In an interview with the Lusa agency, Marco Martins, explained on Wednesday, November 1, that around €1.5 million had already been spent on restoring the computer system.
Citing a report from the National Cybersecurity Centre, he confirmed that the attack suffered in the early hours of September 27 was ‘the greatest attack ever carried out on a public institution in Portugal’ and that, by virtue of this, expenses have not stopped increasing.
‘We’ve spent between €1.4 and €1.5 million on investments that have already been made and others that are planned. For example, on reinforcing security in which we’ve bought more than 700 hard discs and services’, Martins detailed.
He continued: ‘Outside of this are the accumulated losses from days and days of downtime, because then we’re talking about many millions of euros of losses’.
When was the attack discovered?
The alert sounded at 05:38 am on September 27, and the effects of the attack will continue to be felt, with the mayor optimistically assuming that: ‘normality will probably only be restored by the end of the year’.
Once the ‘priority’ of restoring service and normality had been achieved: ‘exhaustive work followed to recover 900 networked computers, which involved changing discs, installing operating systems, software and applications’, Martins explained.
He pointed out that: ‘Almost all the machines are now operational, around 90 per cent, but there are still online services that are affected and cannot yet be made operational’.
Asked about the veracity of rumours that the hackers had been ‘infiltrating the municipality’s system for over a year’, Marco Martins responded with more figures.
‘The experts said that our system was robust, but we were still attacked. On average, we suffer 21 attacks a month, and this attack was more sophisticated and the system couldn’t resist’, he summarised.
What had to be done after the attack occurred?
Once the authorities were alerted, the solution was to hire ‘a private company linked to the Altice group’ to help ‘recover the data that was encrypted’. This has since been ‘largely achieved’ even though the council still needs to use ‘a parallel system to serve the public’.
‘There is no final report yet, but the information we have from the authorities is that the attack came from a Russian server’, and that the ‘ransom demand reached €750,000’, the mayor revealed.
The ransom was not paid for three reasons, said the mayor of the Porto district.
‘Firstly because we were advised by the authorities not to do it, secondly because there was no guarantee that the data would be recovered and thirdly because, as we are a public service, we wouldn’t open a public tender to pay for it’, he explained.
When does the mayor hope will more answers be known?
Revealing that there were ‘many projects, submitted by both residents and by the council, that have been affected’, with the start in November of the external audit to determine responsibility for the computer attack, Marco Martins hopes to get more answers about what happened on 27 September.
‘They say that there were many entries to our system for a long time. Experts say the goal was to stop the camera. Much more than extorting money or stealing data, the attack aimed to paralyse the camera. It is being investigated’, he said.
Marco Martins also highlighted the uniqueness of the fact that the crisis room of the Municipal Relief Operations Centre, inaugurated on 25 March: ‘debuted with this incident, not with a fire or a storm, but with a computer crisis, something that had never been thought of’, as reported by portocanal.sapo.pt.
Stay connected with us on social media platform for instant update click here to join our Twitter, & Facebook
We are now on Telegram. Click here to join our channel (@TechiUpdate) and stay updated with the latest Technology headlines.
For all the latest World News Click Here