The Sarnia Police department has launched a review of its web security after a hacker claiming allegiance with the ‘hacktivist’ collective Anonymous breached and temporarily shut down websites last month.
“In light of recent occurrences in Ottawa and Toronto, we are reviewing our security and policies to ensure we are protected,” Sarnia Police media officer Les Jones told the Journal.
Jones did not elaborate on what, if any, precautions would be taken following the high-profile security breaches.
A hacker or group of hackers under the name Aerith claimed responsibility for infiltrating the City of Ottawa’s website and redirected visitors to a black webpage featuring a dancing banana, alongside an ominous message about a city police officer.
The page was removed after the city website was briefly taken down.
Aerith claimed on Twitter it was also behind the temporary closure of the Ottawa and Toronto police sites, as well as pages for Parliament and the Supreme Court of Canada.
Police in Ottawa said no sensitive information was compromised, although Aerith claimed to have intercepted private police email.
The City of Sarnia has contacted the company that hosts its website to “discuss the Ottawa situation” and get assurance it’s protected from cyber-attacks, said Ron Marshall, the city’s manager of information technology.
The company recommended the city bolstering its security, he said.
“Although IT staff are confident that all necessary steps have been taken to prevent these types of cyber-attacks from penetrating the City’s corporate computer environment, network security activities are monitored on a regular basis,” Marshall said.
The city website is hosted off-site and does not directly connect to Sarnia’s municipal system. As a result, the website cannot act as a “doorway” into the city’s information systems and data, he said.
Marshall added no personnel information is stored on the city’s Internet site.
Business and private residents need to be vigilant, he said, stressing the importance of regularly updating anti-virus and malware software, and ensuring firewalls are in place.
Jones said institutions and individuals should frequently review their security software and be vigilant about unknown callers requesting remote access to their computers.