The city of Montreal accuses the IT company it called in after a major cyberattack of taking data “hostage” to use it as “negotiating pressure.”
Published at 0:00
The company in question, Vertisoft, completely denies these allegations and says that it restricted the city’s computer access due to its risky practices. She announced late on Wednesday afternoon that she had reached an agreement with the city in the last few hours.
The file concerns the Montreal Electrical Services Commission (CSEM), a paramunicipal organization responsible for managing underground cabling on the island of Montreal. On August 3rd, the CSEM fell victim to a cyberattack by a hacker group called LockBit. They demanded $2 million to return the data.
Since CSEM refused to pay the ransom, it immediately called Vertisoft of Victoriaville to help.
Its IT experts restored the company’s systems to the company’s servers, rather than the servers that had been compromised.
But in mid-October, “Vertisoft, on its own initiative and without notice, revoked CSEM’s administrative access to all of its data,” the organization claims in a lawsuit filed Monday in Montreal court. “Since then, Vertisoft has repeatedly stated that it would restore administrative access, but has systematically failed to do so, citing a variety of excuses that have evolved over the weeks. »
According to the City of Montreal, the company also demanded payment of almost $250,000 in costs.
Avoid a new attack
Vertisoft doesn’t see things that way.
The company asserts that it refused to grant it administrative access due to CSEM’s poor cybersecurity practices. All Vertisoft customers’ data may have been compromised, Mr. Vincent Langlois argued in a telephone interview.
Vertisoft “never refused to transfer the data,” he assured. “They have refused to do this in a disorderly manner and, in doing so, to endanger their own infrastructure. »
We couldn’t accept working erratically. There is a deep disagreement between CSEM and Vertisoft staff about good IT management practices and best practices to prevent a new attack from affecting servers.
I am Vincent Langlois, lawyer for Vertisoft
Me Langlois specifically mentioned sharing admin accounts between multiple people as an example of poor practice.
The EMSB “believed there was no real risk in moving more quickly, although given history we felt things should be approached very cautiously.”
“Many lost documents”
In its lawsuit, the city of Montreal is demanding the immediate return of the data and payment of $25,000 in damages. For several weeks now, the CSEM has had to use Vertisoft every time it wants to access its own data, causing, for example, delays and delays in payments.
“Given the legalization of the case, the city will not comment publicly on the case,” publicist Gonzalo Nunez said via email Wednesday.
For his part, Vincent Langlois assured that a data transfer agreement was concluded on Wednesday between Vertisoft and the CSEM. At the time the lawsuit was filed, “from our perspective, we were only a few details away from completing the process.”
At the end of November, the head of CSEM spoke about the impact of the cyber attack on his teams in a presentation at the town hall. However, he didn’t say a word about the problems with Vertisoft.
“I don’t want to hide from you that all employees were affected by the cyber attack, that’s for sure,” said Robert Gauthier. “Many working documents have been lost, many are discouraged, that’s for sure. » He pointed out that part of the EMSB’s document bank was able to be recovered from attachments that were lying dormant in employees’ email inboxes.
The August cyberattack is not the only problem the EMSB has faced in recent months. In October, La Presse revealed that the organization’s president had outlined plans to launch its service in the hydrogen market with a company with which he was closely linked. Sid Zerbo was quickly suspended pending investigation, a position in which he still remains.
With Louis-Samuel Perron, La Presse