[BreachExchange] Hackney Council services offline after ‘serious’ cyber attack

Wed Oct 14 10:48:23 EDT 2020

https://www.computerweekly.com/news/252490449/Hackney-Council-services-offline-after-serious-cyber-attack

IT systems and resident-facing services at Hackney Council in London
are currently offline following an apparent cyber security incident.

I agree to my information being processed by TechTarget and its
Partners to contact me via phone, email, or other means regarding
information relevant to my professional interests. I may unsubscribe
at any time.

The council said its investigation was ongoing and provided no further
details of exactly what has transpired, although it described it as a
“serious cyber attack”.

Mayor of Hackney Philip Glanville said: “Our focus is on continuing to
deliver essential frontline services, especially to our most
vulnerable residents, and protecting data, while restoring affected
services as soon as possible.

“In the meantime, some council services may be unavailable or slower
than normal, and our call centre is extremely busy. We ask that
residents and businesses only contact us if absolutely necessary, and
to bear with us while we seek to resolve these issues.”

The compromised services include the council’s One Account, which
provides Hackney residents with a “safe, private and secure” way to
access and manage services online. These include managing and paying
council tax and applying for housing benefit, among other things.
Council tenants also use the service to pay rent and report and
request non-urgent housing repairs and other issues.

Hackney Council officers are working alongside the UK’s National Cyber
Security Centre (NCSC), external security forensics experts and the
Ministry of Housing, Communities and local Government (MCHLG) to
investigate and understand the impact of the incident.

An NCSC spokesperson said: “We are aware of an incident affecting
Hackney Borough Council. The NCSC is supporting the organisation and
working with partners to understand the impact of this incident.”

The council said it would provide further details as they come to light.

Cyber attacks against local government targets have been generally on
the rise in the past 18 to 24 months. High-profile victims in the UK
have included Redcar and Cleveland in northeast England, which was hit
by a ransomware attack earlier in 2020. There is, at the time of
writing, no evidence to suggest the incident at Hackney Council is
ransomware-related.

Recent statistics produced by Big Brother Watch, cited in a July 2020
MCHLG report, revealed that UK local authorities are faced with 37
attempted breaches every minute on average. The report also said
councils often view cyber security as a technical issue rather than a
business threat, so they tend to lack appropriate chains of
responsibility.

Local government bodies represent relatively soft targets to cyber
criminals because they are often under-resourced due to years of
cutbacks and austerity, and are more likely to run vulnerable systems
that are unpatched or have reached end-of-life and are easily hacked.
Many attacks on local government in the US have involved
vulnerabilities in Microsoft remote desktop protocol (RDP), for
example.

Local government bodies also hold a wealth of highly sensitive
personally identifiable information (PII), which may make them more
inclined to negotiate with ransomware operators or pay a ransom. As a
result, they may also generate more media coverage than a similar
attack on a large enterprise – many ransomware gangs are obsessed with
their media profile and court or bait high-profile security
correspondents and threat researchers.