Hertfordshire County faced 16,000 cyber attacks between January and March

Hertfordshire County faced 16,000 cyber attacks between January and March

These figures were mentioned by Hertfordshire County Council in a report which is due to be presented at a meeting of the council’s resources and performance cabinet panel on June 9. Hemel Today, which accessed the report, said the Council suffered a total of 15,964 attacks in the three-month period.

In the report, Hertfordshire Council highlighted email-based phishing attempts as the greatest cyber threat it faced in the quarter as most of these emails were sent with the intent of luring recipients to share data. All these attacks were successfully repelled, the Council added.

The fact that local councils in the UK have, and continue to face a deluge of cyber attacks is well known to the cyber security industry and to government agencies such as the National Cyber Security Centre. For instance, a Freedom of Information request made by insurance broking firm Gallagher revealed that local councils across the UK faced as many as 263 million cyber attacks in the first half of 2019, averaging around 800 cyber attacks every hour.

“While this sounds like a high number of attacks it is unfortunately the reality faced by many organisations today. Phishing attacks target individual users, therefore a single campaign may result in hundreds or even thousands of individual attacks being directed at an organisation. It only takes one of these attempts to be successful in order for the intended target to become compromised,” says Tom Davison, Technical Director – International at Lookout.

“A successful phishing attack can compromise both the device and the user’s account. The attacker can then access that organisation’s infrastructure with legitimate credentials and move around until they find valuable assets to exfiltrate. Since attackers use legitimate credentials, they can access most any cloud-based resource including Software-as-a-Service (SaaS) platforms like Google Workspace, Microsoft Office 365, or Workday as well as infrastructure platforms like AWS. 

“To stay resilient, organisations need to focus on continuous monitoring for attacks, placing security at the new perimeter of remote devices and cloud repositories, and training their users in phishing awareness,” he adds.

Aside from receiving millions of spear-phishing emails, local councils also have to defend against cyber threats such as ransomware attacks and malware intrusions that, if successful, cause immense financial losses. For instance, a ransomware attack targeting the Redcar and Cleveland Borough Council’s IT systems in February 2020 inflicted a financial loss of £10.14 million to the Council, forcing it to seek additional budgetary support from the government.

The Council said that prior to the cyber attack, it had “industry-standard tools deployed to secure its network” that were configured to provide optimum protection as per the standards set out by the Public Services Network (PSN). However, these measures proved inadequate in preventing the cyber attack.

In October last year, Hackney Council also suffered a ransomware attack that disrupted online services and rendered IT systems inoperable. In January, operators of the Pysa ransomware, also known as Mespinoza, published a large trove of data on a dark web forum that they stole from Hackney Council. The stolen data included “very sensitive information” such as passport details, staff data, and photo IDs.

Copyright Lyonsdown Limited 2021

Top Articles

RockYou2021 data leak: 8.4 billion passwords compromised

A report shows that 100GB of data which includes 8.4 billion passwords have been recently leaked on the internet, people are being encouraged to secure their accounts.

Hackers Breach Electronic Arts & Steal Game Code

Electronic Arts, one of the world's biggest video game publishers including games such as FIFA, Madden, Sims and Medal of Honor, are the latest company to be hacked.

JBS Foods paid £7.7m in ransom to REvil ransomware gang

JBS Foods, the world’s largest processor of beef and poultry products, has admitted to paying a ransom of $11 million to cyber criminals, a week after it announced that operations…

Related Articles

[s2Member-Login login_redirect=”https://www.teiss.co.uk” /]