The city of Montreal is accusing an IT company called to the rescue after a major cyber attack that it “held hostage” and used data as “negotiated leverage.”
The company in question, Verdisoft, flatly denies the allegations and explains that it limited the city’s computer access due to its dangerous practices. He reached an agreement with the city at the last hour, he indicated Wednesday afternoon.
This file is about the Montreal Electrical Services Authority (CSEM), the paramunicipal body responsible for managing underground cabling on the Island of Montreal. On August 3, CSEM fell victim to a cyber attack by a group of hackers called LockBit. They demanded 2 million US dollars to return the data.
After refusing to pay the ransom, CSEM quickly called in Vertisoft from Victoriaville for a rescue.
Its IT professionals restored the company’s systems to the company’s servers rather than the compromised ones.
But in mid-October, “Verdisoft, on its own initiative and without notice, revoked CSEM’s administrator access to all of its data,” the organization alleges in a lawsuit filed Monday in a Montreal court. “Since then, Verdisoft has repeatedly represented that it would restore administrator access, but has systematically ignored it, citing various excuses that have evolved over the weeks. »
According to the City of Montreal, the company claimed nearly $250,000 in expenses.
Avoid a new attack
Vertisoft doesn’t see things the same way.
The company asserts that it denied administrator access to CSEM due to its poor cybersecurity practices. All Vertisoft customers’ data could have been compromised, M arguede Vincent Langlois in a telephone interview.
Vertisoft “has never refused to transfer data,” he assured. “They have refused to do it in an unorganized way and in this environment are affecting their own infrastructure. »
We cannot accept working out of order. There is deep disagreement between people at CSEM and Vertisoft about good IT management practices and best practices for preventing a new attack from affecting servers.
Me Vincent Langlois, Verdisoft Attorney
Me Langlois mentioned sharing admin accounts between multiple people as an example of bad practice.
The EMSB “believed there was no real risk in moving too quickly, while we felt we had to do things very cautiously given the history.”
“Lots of documents are lost”
In its lawsuit, the city of Montreal is demanding the immediate return of the data, as well as $25,000 in damages. For weeks, CSEM had to go through Vertisoft every time it wanted to access its own data, creating delays and payment delays.
“The city will not be commenting publicly on the case as it is being legalized,” publicist Gonzalo Nunez said by email Wednesday.
Me Vincent Langlois, for his part, assured that the agreement for data exchange between Vertisoft and CSEM was concluded on Wednesday. At the time the lawsuit was filed, “we were — in our view — a few details away from completing the process.”
In a presentation at City Hall at the end of November, CSEM’s boss talked about the impact of cyberattacks on his teams. However, he did not say a word about the problems with Vertisoft.
“I won’t hide from you that all employees have been affected by the cyber attack, that’s for sure,” said Robert Gauthier. “A lot of working documents have been lost, many people are discouraged, that’s for sure. » He pointed out that it was possible to rebuild a part of EMSB’s document bank from broken links in employees’ e-mail boxes.
The August cyber attack was not the only problem the EMSB faced in recent months. In October, Pres The head of the organization revealed that he had outlined plans to launch his service in the hydrogen market with a company close to him. Sid Zerbo was soon suspended pending an investigation, and remains in that position.
With Louis-Samuel Peron, Pres