These figures were mentioned by Hertfordshire County Council in a report which is due to be presented at a meeting of the council’s resources and performance cabinet panel on June 9. Hemel Today, which accessed the report, said the Council suffered a total of 15,964 attacks in the three-month period.
In the report, Hertfordshire Council highlighted email-based phishing attempts as the greatest cyber threat it faced in the quarter as most of these emails were sent with the intent of luring recipients to share data. All these attacks were successfully repelled, the Council added.
The fact that local councils in the UK have, and continue to face a deluge of cyber attacks is well known to the cyber security industry and to government agencies such as the National Cyber Security Centre. For instance, a Freedom of Information request made by insurance broking firm Gallagher revealed that local councils across the UK faced as many as 263 million cyber attacks in the first half of 2019, averaging around 800 cyber attacks every hour.
“While this sounds like a high number of attacks it is unfortunately the reality faced by many organisations today. Phishing attacks target individual users, therefore a single campaign may result in hundreds or even thousands of individual attacks being directed at an organisation. It only takes one of these attempts to be successful in order for the intended target to become compromised,” says Tom Davison, Technical Director – International at Lookout.
“A successful phishing attack can compromise both the device and the user’s account. The attacker can then access that organisation’s infrastructure with legitimate credentials and move around until they find valuable assets to exfiltrate. Since attackers use legitimate credentials, they can access most any cloud-based resource including Software-as-a-Service (SaaS) platforms like Google Workspace, Microsoft Office 365, or Workday as well as infrastructure platforms like AWS.
“To stay resilient, organisations need to focus on continuous monitoring for attacks, placing security at the new perimeter of remote devices and cloud repositories, and training their users in phishing awareness,” he adds.
Aside from receiving millions of spear-phishing emails, local councils also have to defend against cyber threats such as ransomware attacks and malware intrusions that, if successful, cause immense financial losses. For instance, a ransomware attack targeting the Redcar and Cleveland Borough Council’s IT systems in February 2020 inflicted a financial loss of £10.14 million to the Council, forcing it to seek additional budgetary support from the government.
The Council said that prior to the cyber attack, it had “industry-standard tools deployed to secure its network” that were configured to provide optimum protection as per the standards set out by the Public Services Network (PSN). However, these measures proved inadequate in preventing the cyber attack.
In October last year, Hackney Council also suffered a ransomware attack that disrupted online services and rendered IT systems inoperable. In January, operators of the Pysa ransomware, also known as Mespinoza, published a large trove of data on a dark web forum that they stole from Hackney Council. The stolen data included “very sensitive information” such as passport details, staff data, and photo IDs.