A cyber attack that targeted IT systems and necessitated an emergency response across the capital triggered the shutdown of critical services in some London borough councils. The event started early in the week, impacting the council systems that process housing applications, social services, and council tax online. This has left thousands of residents unable to access necessary council services. Preliminary Information indicates this is likely another coordinated ransomware attack in which hackers target council systems to encrypt critical data.
Cybersecurity experts are saying this attack stems from using under-secured legacy systems
While each of the councils has been tight-lipped about how many systems have been compromised, they are unified in their confirmation that more than one borough has taken a portion of their servers offline. Emergency response teams have been working tirelessly, and thus far, no one has gone public with the impact of the attack.
With the ongoing attacks, residents who use digital services face service disruptions. Residents can no longer access online shelters, social housing applications, parking permits, and business permits. Some councils reverted to other processes and asked residents to call the help desk customer support or go to their local offices, resulting in long wait times and more delays.
Community and public service leaders from the councils and the social housing and social support applications warned that these people are likely the most vulnerable and most affected. One council representative said,
โThis attack is centered on the impacts that services are needed. Our most urgent service is to protect the systems and restore services that have been discontinued. As a result, our most important services must be systems that are protected, and in their most urgent, services are to restoreโฆ data and protect the protection of systems.โ
The NCSC and London Cyber Resilience team are providing support
The authorities are providing no details of the existing ransom; however, it is assumed these offenders are part of a ransomware team. These offenders are believed to be part of a European ransomware team.
In an announcement, the NCSC stated that all public sector organizations are to assess their security posture as soon as possible. The NCSC noted,
“This is a reminder that local authorities are still big targets for cybercriminals. We recommend multi-factor authentication, closing security gaps, strong backup systems, and other security measures.”
In the last few years, cyber attacks have targeted local authorities, and this phenomenon seems to have increased lately. Analysts cite the increased digitization of public services and the highly sensitive data local authorities possess as a contributing factor to this phenomenon.
Analysts have noted that local councils and authorities are generally constrained by their budgets, leaving them under-equipped and overstaffed with outdated systems.
The financial impact of these types of attacks is often a cause for concern
Aside from the ransom demands, councils are burdened with inadequate systems, and the costs associated with these systems also increase their expenses. A recent cyber-attack in the UK illustrates this point, as the local authorities were left with insufficient systems and were burdened with inadequate expenses in the millions.
Authorities have stated that the damage control will likely take a few weeks, and during this time, councils will try to deal with their most critical and important services. This will include emergency services that involve sheltering and protecting vulnerable members of the community.
Many investigations have demonstrated that the future of malpractice administration is cybersecurity. From the attacks carried out by ransomware to cyber security attacks, the local authorities in London and other cities in the UK have faced cyber security attacks that limit the use of web services accessed by the general public. These services are accessed on a daily basis by a large number of people.
