Cyber Security Risks Faced by Local Government

In order to improve the services they offer the public, Local Authorities are embracing digital transformation, an adoption that has been accelerated by the social distancing demands of the pandemic.

While the benefits of digital transformation are clear, this push for wider digital adoption is not without its risks and challenges.

One of the most common, and potentially most damaging of these risks, is the threat of cyber crime. According to a Gallagher survey, during the first half of 2019 alone, the UK’s Local Authorities suffered 263 million attempted cyber-attacks, an average of 800 every hour.1 

Despite the huge risks and costs associated with cyber crime, local government institutions are often underprepared to protect themselves against these attacks. The same survey by Gallagher indicated that:

  • Only 13% of Local Authorities have cyber crime insurance.
  • Nearly half of local government workers do not know what ransomware is.
  • More than three-quarters of public sector workers (77%) have been given no instruction in how to recognise ransomware.
  • 42% of public sector workers have not heard of two-factor authentication.

In this article, we’ll be looking at the cyber security risks associated with local government and what can be done to mitigate cyber crime’s impact on digital transformation, allowing Local Authorities to reap the benefits of wider digital adoption. Let’s get started.

Suggested reading: If you want to learn more about cyber security in the public sector, check out our blog — Fundamentals of Public Sector Cyber Security

The risks

While organisations across both the public and private sectors are under constant pressure due to the cyber risks they face, Local Authorities are exposed to some very specific threats. It’s worth taking the time to look at these in more detail.


Hacktivist groups employ cyber crime in order to make a social or political statement. The most commonly recognisable hacktivists are Anonymous, a decentralised group of hackers and activists who have launched attacks against targets from the terrorist group ISIS to the Church of Scientology.

For obvious reasons, government institutions are common targets for hacktivist activities. In fact, in one of the largest hacktivist actions against local governments, Anonymous spent much of late 2019 attacking local authorities in Chile.

In what was dubbed OpChile, the group attacked and stole data from targets including the Metropolitan Public Transportation Directorate, Chilean national law enforcement, and the Chilean army.2


Ransomware is a form of malware that encrypts vital files, rendering entire computer systems useless. The cybercriminals responsible then demand a ransom for the encryption key required to unencrypt the data.

In 2020 around 48% of UK organisations, including city councils, were hit by ransomware, with the average cost of remediation after a successful attack in the UK sitting at £716,330.3

The local authorities of Redcar and Cleveland, Hackney, and Copeland have all been successfully targeted with ransomware attacks, with the Redcar and Cleveland attack alone costing an estimated £10 million.4

Suggested reading: For the latest updates on ransomware attacks from our Cyber Intelligence Team, check out our free resource — Cyber Intelligence Team Threat Report 23/08/21

Outdated IT infrastructure and underfunding

Unlike private sector organisations, Local Authorities often have to compete against each other for a limited amount of funding. 

This internal competition, and subsequent lack of funding, can often leave local governments with outdated legacy systems which are more vulnerable to attacks, along with a shortage of internal cyber security skills due to a lack of training.

Attempting to solve this issue with recruitment drives puts increased pressure on already stretched budgets, and is a time-consuming solution to a time-sensitive issue.

Additional reading: For more on the evolving cyber threats landscape, take a look at our blog — The Threat Landscape Never Sits Still: Four new risks organisations face in 2021 

CTA for cyber security eBook of business man looking at statistics

New digital opportunities

Having a robust cyber security plan in place is vital in order to access the advantages that come with digital adoption. 

Once that plan has been fully implemented, Local Authorities can reap the many benefits digital transformation has to offer, which we’re now going to examine.

Improved services

Digital transformation has the potential to improve the services offered by Local Authorities drastically:

  • Artificial Intelligence (AI) chatbots can be used to answer questions 24×7, replacing reliance on customer services only offered during office hours.
  • Repeat process automation (RPA) making data entry faster and more accurate, while freeing up skilled staff for other tasks.
  • Centralised cloud-based document depositories allow departments across the UK to access vital information quickly and efficiently.
  • A greater number of online services offers more convenient self-service options for digitally savvy residents. 

Better internal communication

Open and efficient communication is key to delivering an effective service. 

The greater adoption of internal communication tools like Teams, and external communication tools such as social media, allow greater two-way flows of information between departments, local governments, and residents.

Digital delivery tools can also increase sharing and effective teamwork across departments and different local authorities, allowing for the dissemination of best practices and overall greater efficiency.

Enhanced transparency

The workings of local government have a reputation for being labyrinthine and opaque. 

Greater adoption of automation and the above-mentioned communication tools can increase transparency, keeping residents informed at every step of the process and highlighting inefficiencies.

If publically available data is placed in publicly searchable databases, departments will have to devote less time to answering freedom of information requests, reducing their overall workload and allowing them to concentrate on productive tasks. 

Increase efficiency

Greater digital adoption is inherently linked with improved efficiency. 

The use of Robotic Process Automation (RPA) creates more efficient workflows, with software taking over basic data entry tasks from staff, allowing them to operate on a 24×7 basis while freeing up skilled workers to take on more advanced responsibilities.

Cloud-based data storage prevents the siloing of departments and allows staff to access data rapidly, regardless of where they are working.

This allows staff to work more efficiently, and saves a significant amount of time compared to outdated pen and paper processes. It also allows a greater number of customers to fill in forms online, further decreasing potential delays.

Enable remote working

For organisations worldwide, the social distancing restrictions put in place to combat the COVID-19 pandemic have made remote working the new normal. 

However, most Local Authorities were not set up for having their entire staff working remotely, leading to delays, disruptions and an increased cyber security risk. 

While the restrictions put in place by the pandemic were certainly unique, they also highlighted the gaps in the remote working infrastructure Local Authorities had in place. 

With the improved digital communication tools and cloud-based infrastructure available through wider digital adoption, Local Authorities are better-placed to adapt to similar disruptions in the future.

Unlock the digital future with the right partner

In order to access all the possible benefits of greater digital transformation, Local Authorities will need to have a robust cyber security plan in place to address potential risks. 

Proper investment in cyber security infrastructure and staff training is critical to being able to tap into the benefits of digital transformation, without hugely increasing the risk of cyber crime. 

By partnering with market leaders in the cyber security industry, Local Authorities across the UK can bring in the cyber security expertise needed to complete their digital transformations while shielding themselves from cyber-attacks. 

As a Microsoft Azure Expert MSP and cyber security market leader, Six Degrees offers Local Authorities a huge range of benefits, including:

  • Fully managed threat detection and response that provides full endpoint security at a more manageable cost than internal recruitment, ideal for local authorities with a limited budget.
  • Mature cloud capabilities allow local governments to embrace digital transformation by offering expert advice throughout cloud adoption.
  • Managed cloud services allow Local Authorities to create secure, flexible platforms that enable remote working through virtual desktop solutions and next-generation voice, video and messaging services.

Schedule a call with us today and see how Six Degrees can help you embrace the benefits of digital transformation with a resilient cyber security strategy.

CTA for call of woman smiling on the phone

Subscribe to the newsletter today

Related posts

Cyber Security Best Practices in 2022: How to Do More With Less

Cyber Security Best Practices in 2022: How to Do More…

Organisations around the world are connected like never…

Planning for the Future of Cyber Security Today

Planning for the Future of Cyber Security Today

Planning for the Future of Cyber Security Today…