lolloj - Fotolia

Most UK councils hit by cyber attacks

A study has revealed that most UK local authorities have suffered cyber attacks in the past year, showing local government is a key target for cyber criminals and that legacy software is a top security concern

An iGov survey of 38 local government departments has revealed that 76% have experienced a cyber attack and 50% have been hit by a ransomware attack in the past year.

The survey revealed a lack of understanding about cyber attacks and how to counter them at a local government level, according to the report commissioned by cyber security firm Malwarebytes.

In turn, this has led to falling confidence in a number of measures currently employed to combat cyber attacks, the report said, with most councils saying their existing legacy systems were inadequate to deal with modern threats.  

“The threat of cyber crime is on the up, driven by career criminals who are highly skilled, innovative and will stop at nothing to target organisations that hold people’s private information,” said Anthony O’Mara, vice-president for Europe at Malwarebytes. “This was perfectly demonstrated by the recent WannaCry attack and the devastating effect it had on the NHS.”

According to O’Mara, other high-profile incidents, such as the ransomware that crippled Lincolnshire City Council, provide further evidence of just how devastating this type of crime can be.

The report also revealed that legacy systems in local councils are a major cause for concern, with 72% of respondents saying it was either “difficult” or “very difficult” to integrate new systems and applications.

This shows that for many local government organisations, old, outdated technology is having a negative impact on managing cyber risk, the report said.

The report coincides with the publication of a freedom of information request by the BBC that revealed that more than one in five of Greater Manchester Police’s computers were still running Windows XP as of July 2017.

Raj Samani, fellow and chief scientist at security firm McAfee, said this highlights a need for the police and the wider public and private sectors to join forces to reduce security vulnerabilities.  

“The public sector is an increasingly popular target for cyber criminals,” he said. “Its ample sensitive data provides large-scale opportunities to cause havoc, as was made evident this year with the WannaCry attack, which had a significant impact on the NHS.

Read more about ransomware

  • Businesses still get caught by ransomware, even though straightforward avoidance methods exist.
  • Criminals used devices compromised for click fraud as the first step in a chain of infections leading to ransomware attacks, said security firm Damballa.
  • The first half of 2014 saw an increase in online attacks that lock up user data and hold it to ransom.
  • The Cryptolocker ransomware caught many enterprises off guard, but there is a defence strategy that works.

“It is no secret that our public sector is grappling with significant budgeting challenges. On top of this, new strains of malware are being developed every day. It is therefore essential that security remains a key priority, and that police forces ensure they are looking to the most effective and efficient ways to secure their operations and data. From running the most up-to-date operating systems to ensuring all devices are protected against malware and ransomware, our public sector needs to be protected.

“Private businesses need to support the public sector in making this possible. Projects such as No More Ransom demonstrate the power of law enforcement and IT security companies joining forces. Since its conception a year ago, we have worked with police forces to provide free-to-use decryption keys and prevent ransomware attacks.”

David Emm, principal security researcher at Kaspersky Lab, pointed out that it is more than three years since Microsoft stopped supporting Windows XP. “It is alarming that some organisations continue to use Windows XP,” he said. “The fact that Microsoft issued emergency updates for XP and other unsupported systems in response to the WannaCry outbreak should not lure organisations into a false sense of security. There is no guarantee that this would happen for future attacks.

“It is important to remember that cyber criminals target systems and applications that are widely used. Even if companies are running the latest software, it is still crucial that they have preventive measures in place to protect themselves from ransomware attacks.”

Emm said organisations should install updates to all devices as soon as they become available, back up data regularly, use a reliable security system, keep key proactive detection features switched on, and encourage staff to adopt a security mindset.

Current technology fears

Concern over current technology was again raised, with one-third of those surveyed by iGov saying they are not confident in their current systems’ ability to identify and remove suspicious traffic, and the same number indicating that their systems do not protect against zero-day threats, including ransomware.

More than half (52.7%) of respondents said the complexity of cyber threats and the need to keep up with new developments is a concern, which also resonates across many private sector firms, the report said.

The top three concerns for local councils when it comes to a potential cyber attack are: loss of sensitive data (53%), financial repercussions (53%) and impact on service delivery (41%).

“It is clear from these findings that there is widespread awareness of the threat of cyber crime among high-ranking local government officials, but many are not yet confident in their ability to deal with it,” said O’Mara.

“A lack of faith in legacy systems has led to a massive crisis in confidence within local government, which only adds to the vulnerability of these organisations. This, combined with a very noisy supplier marketplace, has meant many high-ranking government officials are now left confused as to how to best deal with these threats.

“When looking for security providers, they must partner with cyber security firms that can not only provide 24/7 evolving protection against these complex threats, but also act in an educational and consultative role. This will ensure the full range of cyber crimes and threats they face can be combated effectively.”

Read more on Hackers and cybercrime prevention