How the Ottawa Police Hardened Online Ops with Secure Cloud Services

Share this post:

The Ottawa Police Service dates back to 1847. Since then it has been protecting the safety and security of our communities in Ottawa, Canada.

But in November of last year, it was the Ottawa Police Service that became the target of an attack – specifically, over the web.

It all started on a Wednesday when a Twitter message popped up on our feed threatening a Distributed Denial of Service (DDoS) attack. There were no details indicating when or why we were suddenly a target.

For those who may not be familiar with IT acronymns, a DDoS attack occurs when hackers overwhelm a system from multiple sources so that its online services become completely unavailable.

That following Friday, a multi-pronged attack had launched – attempting to hijack our website by switching Internal Protocol (IP) addresses and trying to jam our email system pipe, which would have made it impossible to send or receive emails. In just one hour, our firewall experienced over 2 million hits.

With the little information that we had on this planned attack, we thought in the moment that it could be handled with our existing infrastructure. Our assumption of the cyber resiliency of the network lines at the time was premature.

First came the attempted hijacking of our website, and while we managed to avoid an actual hack, it became apparent that we had other issues to resolve – too fast, too furious. What happened after?

We shut down our website, and asked IBM for help.

Together, we developed a future action plan that included advanced malware protection, improved threat monitoring and state-of-the-art shield defenses to recover our online services as quickly as possible.

The important steps we took to remain cyber secure:

• Migrated the Ottawa Police Service website to a different platform and installed a cyber shield to deny hackers direct access to the website infrastructure
• Built a web application firewall to deny applications and volumetric attacks, such as SQL Injection, Cross-Site Scripting and DDoS
• Looked into the functionality of Fast Domain Name Service (DNS), a directory of domains, and set it up as our primary infrastructure, to allow for better and more accurate communication across networks

Despite the severity and complexity, the Ottawa Police Service website was back online just days later.

IBM Cloud infrastructure services, via SoftLayer, with managed security services and proactive security expertise, the Ottawa Police Service was able to restore and defend itself from further incoming attacks. IBM gave us the peace of mind we needed to turn our focus back towards looking after our community.

There’s an underlying lesson in this irony: while we were protecting the city, we weren’t properly preparing to protect ourselves.

What’s important to understand and take away from our experience, is that remaining cyber secure and building a cyber resilient infrastructure, is a pivotal strategy for any business or organization to survive in this digitally-driven landscape. The same way as anything in this fast-paced milieu, it’s no longer enough to simply react after the fact – in this case, after an attack has already occurred.

No one is immune to cyber threats. In fact, DDoS attacks alone affected 23,000 worldwide websites in just the first quarter of 2015.

It came as no surprise that as soon as the Ottawa Police Service website went back online, the hacking attempts started again. The difference: rather than two-hour simultaneous attacks, we were only subjected to two-minute probes. Ninety percent of our website hits were handled offshore – before they left their countries of origin – rather than within the Ottawa Police Service infrastructure. As a result, we were able to deal proactively in response to these malicious probes.

So ask yourself, are you ready for a cyber attack?
___________________________________

For more on this topic, click here to access the on-demand webinar discussion with Steeves and other experts.