London Drugs boss in the dark about reason for cyberattack
The president of London Drugs says he doesn't know why the company was targeted in a cyber attack that forced it to close its stores for more than a week, but hackers with sophisticated methods are “constantly probing for weaknesses” in online systems.
Clint Mahlman said the pharmacy and retailer had been preparing for such a situation for years, and it shut down immediately after the cybersecurity breach was discovered on April 28 in order to contain the threat.
Since then, he said London Drugs has been working with cybersecurity experts to “methodically go through every system” and bring them back online in a secure way.
Mahlman said he has no knowledge whether the breach might be connected to B.C. Premier David Eby's announcement Wednesday the province had detected “sophisticated cybersecurity incidents” involving government networks.
He also said he wouldn't share “details of any interactions with the threat actors.”
Mahlman said he's sorry the company couldn't release more details in the days after the incident, but they don't want to give the attackers any leverage.
“The cybersecurity experts deal with these people all the time, and as such, they see certain behaviours from certain threat actors,” he said on Thursday.
Mahlman said hackers look at media reports about the cyber attacks, assessing whether the company is aware of the extent of the breach and its ability to recover.
“They use that information to either sustain their attack or leverage in some sort of way against the company.”
London Drugs will not knowingly give hackers that leverage, Mahlman said.
“We apologize to the media and our customers that we couldn't have given more details that they want, but that's our commitment to the safety and security of our systems and our customers.”
London Drugs said on Tuesday that all 79 of its stores in B.C., Alberta, Saskatchewan and Manitoba had reopened. In Saskatchewan, there are three locations in Saskatoon and two in Regina.
In the B.C. government incidents, Eby said provincial authorities were working with the Canadian Centre for Cyber Security and other agencies to determine the extent of the problem, but there was currently no evidence that sensitive information had been compromised.
He said the investigation was ongoing and more work needed to be done to determine what information could have been accessed.