In October 2020, Hackney Council suffered operational issues following a suspected ransomware attack. The attack caused significant disruption to Hackney Council and its residents. What is the ransomware threat to Local Authorities, and how can you protect your people and your residents?
As the coronavirus pandemic rolls on, the cybercriminal fraternity continues to launch cyber-attacks that aim to exploit money from victims. Throughout the pandemic, hackers have been especially active targeting organisations throughout the public and private sectors that they have seen as softer targets.
Local Authorities have been one such group that has received special attention; given their need to stretch funding and the critical services they deliver to residents, they are seen as low-hanging fruit by hackers.
For evidence of this, you need look no further than Hackney Council in east London. Hackney Council was successfully targeted in a high-profile ransomware attack in October 2020, resulting in significant disruptions for its people and residents.
In this blog we’ll explore the ransomware threat to Local Authorities and provide guidance for how your Local Authority can protect its people and residents.
The Hackney Council Attack
So what actually happened in the Hackney Council cyber-attack? Details on how the Hackney Council cyber-attack was launched are a little thin on the ground, but what we do know is that the attack was executed in early-October 2020 and the Council described it as a “serious cyber-attack”. Many people believe hackers targeted Hackney Council with ransomware, a malicious form of malware that encrypts files – making them unusable. Ransomware is a real money spinner for hackers, who demand large sums of money from victims in order to provide the keys needed to decrypt files and restore services.
Top Tip: to learn more about ransomware and how to protect your organisation, check out our handy 10 steps infographic.
What we do know a lot more about is the impact the Hackney Council cyber-attack had on the Council’s people and its residents. The cyber-attack compromised the Council’s ability to deliver fundamental services to its residents, as its One Account service, which provides residents with a ‘safe, private and secure’ way to access and manage services online, was one of the systems that was compromised.
Following the cyber-attack, residents have struggled to carry out basic transactions such as managing and paying council tax and applying for housing benefit. And at the time of writing, almost three months after the attack, the knock-on effects continue to mount: according to Sky News, Hackney Council files including alleged passport documents have been leaked online by hackers.
The Threat to Your Local Authority
Without wishing to resort to malicious scare tactics – we’ll leave the cybercriminals to that – we’ve talked about the Hackney Council cyber-attack in this blog because we want to highlight the ransomware threat to Local Authorities. Each successful cyber-attack on a Local Authority will only encourage hackers to target similar organisations more, as they continue to prove a lucrative route to cash.
But how can we start to think about the threat to your Local Authority in real terms? At Six Degrees, we tend to talk about financial, operational and reputational damage.
- Financial damage. Most obviously, and probably top of many people’s minds, is the financial damage caused by a successful cyber-attack. The Hackney Council cyber-attack prevented the Council from collecting council tax, and will continue to cost the Council thousands in remediation activities.
- Operational damage. Strong engagement with residents – and the robust people, processes and systems that sit behind them – are key to the successful running of any Local Authority. The Hackney Council cyber-attack caused significant operational damage, as the Council was unable to interact with residents and its people were unable to communicate, collaborate and deliver as they usually would.
- Reputational damage. Reputational damage may seem a little more theoretical than financial and operational damage, but it is equally as significant. The Hackney Council cyber-attack caused significant reputational damage, leading residents and associated organisations to question their trust in the Council’s ability to operate and manage their data securely.
One cyber-attack, three kinds of damage. None good at all. So how can you protect your people and your residents?
Further Reading: Our Cyber Intelligence Report provides details of the increased organisational risks related to ransomware during and after pandemic lockdown. The report explains how ransomware is typically deployed, and the factors behind the increased threat level. Download it for free here.
How to Protect Your People and Your Residents
When it comes to protecting your Local Authority’s people and your residents from the negative impact of ransomware, unfortunately there is no magic bullet. At Six Degrees we talk about the need to have ‘defence-in-depth’ by aligning your Local Authority’s people, processes and systems. Here’s what we mean by that:
- Your people. Your people are your first line of cyber defence. When they are trained in cyber security best practices and aware of the latest cyber threats, your people will complement your processes and your systems and manage data in a manner that protects your residents’ personally identifiable information (PII).
- Your processes. Processes are equally as important as the people that follow them. Hackers will look for loopholes in your processes that they can exploit, especially where the appropriate diligence is not paid. Ensure your processes have the right diligence measures built in to prevent hackers exploiting any areas of weakness.
- Your systems. Of course, your systems are an essential element of your Local Authority’s cyber security posture – especially in today’s cloud-based, agile working world. Securely configured and maintained systems are an essential element of your Local Authority’s cyber security posture, reducing your attack surface and minimising risk.
So, how can you protect your people and your residents? Well, we’re sorry we can’t just point you towards an off-the-shelf product that will cover this for you. Cyber security is a journey, but the good news is that – wherever you are on that journey – there are logical steps you can take to minimise the risk of becoming the next high-profile ransomware victim.
If you’re not sure where to start when it comes to reviewing your people, processes and systems, we can help. Our Cyber Security Assessment services enable you to align your cyber security posture to your risk appetite by implementing best practices that will increase your protection against ransomware attacks.
Check them out here. But before you do, a note to finish on Microsoft 365.
Eight Steps to Maximise Microsoft 365 Security
Microsoft 365 has been keeping Local Authorities running in 2020, giving people the tools they need to deliver essential resident services whilst working remotely. But this increased reliance on Microsoft 365 has meant that hackers are targeting it more than ever before to launch ransomware attacks.
Fortunately, your Microsoft 365 licence includes feature-rich, fully-integrated security tools which, when configured properly, can protect your Local Authority from ransomware attacks by preventing hackers from targeting you through the methods we listed above.
In our new infographic we provide eight steps your Local Authority can follow that will help you shield you and your residents from ransomware attacks.