Russian Hackers Go After Gloucester

Gloucester City Council suffered a serious cyber security incident on the 20th December that resulted in the compromise of certain IT systems and disruption of daily operations. The council's online revenue and benefits, planning and customer services have all been affected after the attack knocked out parts of a council website and the attack has been linked to the work of Russian hackers. 

Systems including online revenue and benefits, planning and customer services are still down across the authority more than a month after the attack was detected.

The cost of fixing the damage could run into millions of pounds, if similar attacks on other councils are anything to go by Gloucester businesses using council services could face months of disruption after a cyber attack knocked out parts of the computer system.

The attack is so serious that the National Crime Agency and the National Cyber Security Centre are involved in the investigation.

Other local authorities and even government agencies have put the council into IT quarantine, blocking the council's emails.  Gloucester City Council said its sources, who do not wish to be named, allege the cyber attack was carried out by hackers from Russia. Officials at Gloucester City Council must be "more transparent" over the hack attack on the authority, a committee chairman has warned.

According to the Local Democracy Reporting Service, the malware made its way into the local authority's system embedded in an email which had been sent to a council officer.The harmful software, known as sleeper malware, is understood to have been dormant for some time before it was activated. Other local authorities and government agencies are currently blocking the council's emails.

Online application forms used to claim for housing benefit, council tax support, test and trace support payments, discretionary housing payments and several other services have been delayed or are unavailable. Residents have been asked to contact the council via email instead.

The council has warned the problem could take up to six months to resolve as affected servers and systems need to be rebuilt.
 

TEISS:         Gloucestershire Live:         BBC:      Punchline-Gloucester

You Might Also Read: 

The Personal Data Being Used To Get Your Vote:

 

« Canadian Government Ministry Under Attack
DDoS Attack Knocks Out Andorra's Internet »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

Conscio Technologies

Conscio Technologies

Conscio Technologies is a specialist in IT security awareness. Our solutions allow you to easily manage innovative online IT awareness campaigns.

CodeOne

CodeOne

CodeOne provides solutions for website and web app security.

VerifyMe

VerifyMe

VerifyMe is a global technology solutions company delivering brand protection offerings to mitigate counterfeiting, product diversion, and illicit trade.

SparkCognition

SparkCognition

SparkCognition’s AI-powered solutions enhance cybersecurity, identify and prevent equipment failures before they happen, and provide prescriptive intelligence for maintaining your most critical assets

Trulioo

Trulioo

Trulioo is a leading global identity and business verification company providing secure access to data sources worldwide to instantly verify consumers and businesses online.

Payatu

Payatu

Payatu Technologies is a security testing and services company specialized in Software, Application and Infrastructure security assessments and deep technical security training.

Cyber Forensic & Investigation (CFI)

Cyber Forensic & Investigation (CFI)

Cyber Forensic & Investigation (CFI) is recognized as Thailand’s leader in cyber investigations and digital forensics.

KOS-CERT

KOS-CERT

KOS-CERT is the national Computer Incident Response Team for Kosovo.

Bitfury Group

Bitfury Group

Bitfury Group is the largest full-service blockchain technology company in the world.

Digital Craftsmen Ltd

Digital Craftsmen Ltd

We're ISO27001 & Cyber Essentials Cybersecurity experts, delivering full cloud security and managed services. We take a bespoke approach for each client from hosting, optimising & securing them online

Foretrace

Foretrace

Foretrace aims to prevent, assess, and contain the exposure of customer accounts, domains, and systems to malicious actors.

Center for Medical Device Cybersecurity (CMDC) - University of Minnesota

Center for Medical Device Cybersecurity (CMDC) - University of Minnesota

CMDC’s mission is to foster university-industry-government partnerships to assure that medical devices are safe and secure from cybersecurity threats.

LogicGate

LogicGate

The LogicGate Risk Cloud™ is an agile GRC cloud solution that combines powerful functionality with intuitive design to enhance enterprise GRC programs.

Guardey

Guardey

Guardey protects thousands of SME's environments. Whether your team works at the office, at home, at the customer or remotely. We protect your business. We do this in an accessible and affordable way.

Anch.AI

Anch.AI

Anch.AI is an Ethical AI Governance platform that helps you comply with EU regulations and avoid risks and penalties when developing and using AI as part of your business.

Redport Information Assurance

Redport Information Assurance

Redport Information Assurance is an information assurance and cyber security solutions provider offering integrated business solutions for all levels of government.

AVIANET

AVIANET

AVIANET's goal is to empower enterprises and corporations worldwide and manage their digital transformation journey with confidence.