Critical systems restored at English council following ransomware attack


Less than two months after a ransomware attack hit St Helens town council in northwest England, most council services are operating again.

Situated between Liverpool and Manchester, the council – the local government authority in an area with around 180,000 residents – announcement a “suspected ransomware incident” near the end of August.

This follows a number of seriously disruptive cyberattacks on city councils in England, including Redcar and Cleveland in the North East, Hackney Council in London and Gloucester City Council in the west of England.

According to a surprisingly neglected dataset published by the Information Commissioner’s Office (ICO), there have been more reported ransomware incidents affecting local government authorities in the first half of this year than there have been since the regulator started counting incidents in 2020.

Following the August attack on St Helens – which happened too late to be included in the ICO’s latest data update – a number of the council’s IT systems were rendered unavailable “causing a disruption to typical operational activities and services provided by local authorities. authority,” a spokesperson told Recorded Future News on Wednesday.

“While most municipal services have returned to normal operations, less than eight weeks after the incident, work continues to restore the remaining non-critical systems that were impacted,” the spokesperson added.

Following the attack, residents were advised to “be vigilant of all emails received from St Helens Town Council”, with a particular warning to watch out for phishing emails claiming to be from the bank informing them that a new direct debit has been set up. with a link to confirm their details – with the link actually allowing criminals to harvest these details from victims.

“Please be reassured: with our cybersecurity specialists, we are working to resolve this incident, but this is obviously a very complex and evolving situation,” the spokesperson said.

As reported At the time, according to local newspaper St Helens Star, council members, just weeks before the attack, provided an update to their strategic risk register, saying “robust” measures were in place against cyberattacks.

The council’s spokesperson told Recorded Future News: “In response to the incident, additional cyber hardening controls have been implemented and continue to be enhanced in coordination with the council’s cybersecurity service provider . »

Mary Lanigan, the leader of Redcar Council at the time of the incident, told a parliamentary committee earlier this year, an unnamed government minister told her to keep quiet about the impact of the “catastrophic” attack – which she said “caused us a lot of problems”.

The attack hit services for children and adults, meaning safeguarding reports were missed and foster care services were disrupted. The incident also prevented staff from accessing council records and having access to telephone lines, email, computers, printers and other electronic devices.

Get more information with the

Future saved

Intelligence cloud.

Learn more.

No previous articles

No new articles

Alexandre Martin

Alexander Martin is the UK editor of Recorded Future News. He was previously a technology journalist for Sky News and is also a member of the European Cyber ​​Conflict Research Initiative.

Leave a comment