The ICO (Information Commissioner’s Office) is investigating a cyber attack that has left Redcar and Cleveland Borough Council’s computer systems crippled for almost two weeks.
More than 135,000 residents have been affected by the incident, which is believed to have been caused by ransomware.
With appointment bookings, planning documents, social care advice and council housing complaints systems still offline, employees have resorted to using pen and paper.
The ICO said it is “aware of an incident and [is] assessing the information”. Meanwhile, the National Crime Agency said it was supporting the council, and a team of experts from the National Cyber Security Centre has been on-site since 9 February.
Although there has been no confirmation that ransomware was the cause of the incident, Council Leader Mary Lanigan revealed that the council’s systems are being rebuilt, which is consistent with how organisations respond to ransomware when they choose not to negotiate with the criminals.
What is ransomware?
Ransomware is a specific type of malware that encrypts computer files, essentially locking the owner out of their systems.
Once this has happened, the ransomware will display a message demanding that the victim make a payment to regain access to their files.
Many ransomware victims feel obliged to pay up, because it’s the quickest and least expensive way to get back to business as usual.
However, experts generally urge organisations not to negotiate, because ransom payments help fuel the cyber crime industry. There’s also no guarantee that paying the ransom will mean the criminals release the files.
Thousands of attacks each day
Residents affected by the council attack are understandably unhappy, but unfortunately this isn’t a rare occurrence.
Cyber criminals are increasingly targeting local councils, because they are aware of the pressure that the public sector is under to make sure systems remain operational.
Unlike in an attack on a retailer, for example, victims have no alternative when systems are down. They can’t simply visit a competitor or delay whatever it is they wanted to do; they just have to go without – and in some cases that can cause big problems.
Big problems tend to result in a big pile of complaints, which is often enough to force councils to acquiesce to cyber criminals’ demands.
According to a report from the insurance broker Gallagher, 49% of local councils have been attacked since the start of 2017 and 37% were attacked in the first half of 2019 alone.
Over that six-month period, local government experienced 263 million attacks. Although many of these were low-level probes that didn’t affect IT systems, the figure still shows an alarming vulnerability that must be addressed.
Unfortunately, there’s no single solution. Staff awareness training is an essential and often overlooked tool in the fight against cyber crime, providing a defence against threats like phishing, which target human error.
Indeed, the majority of ransomware attacks begin with phishing scams, so simply teaching your staff how to spot a malicious email will protect you from a substantial number of threats.
But staff training must be accompanied by technological solutions, which ease the burden on employees, and effective processes and policies to prevent avoidable mistakes.
Cyber security solutions
Implement a comprehensive defence strategy with the help of IT Governance. Our range of products and services covers every aspect of an effective cyber security setup, and can be tailored to suit a variety of needs.
From consultancy services to training, staff awareness programmes, security testing, documentation toolkits, standards, software, books and guides, we have everything you need to support and enhance your security programme.