Russian Hackers Go After Gloucester

Gloucester City Council suffered a serious cyber security incident on the 20th December that resulted in the compromise of certain IT systems and disruption of daily operations. The council's online revenue and benefits, planning and customer services have all been affected after the attack knocked out parts of a council website and the attack has been linked to the work of Russian hackers. 

Systems including online revenue and benefits, planning and customer services are still down across the authority more than a month after the attack was detected.

The cost of fixing the damage could run into millions of pounds, if similar attacks on other councils are anything to go by Gloucester businesses using council services could face months of disruption after a cyber attack knocked out parts of the computer system.

The attack is so serious that the National Crime Agency and the National Cyber Security Centre are involved in the investigation.

Other local authorities and even government agencies have put the council into IT quarantine, blocking the council's emails.  Gloucester City Council said its sources, who do not wish to be named, allege the cyber attack was carried out by hackers from Russia. Officials at Gloucester City Council must be "more transparent" over the hack attack on the authority, a committee chairman has warned.

According to the Local Democracy Reporting Service, the malware made its way into the local authority's system embedded in an email which had been sent to a council officer.The harmful software, known as sleeper malware, is understood to have been dormant for some time before it was activated. Other local authorities and government agencies are currently blocking the council's emails.

Online application forms used to claim for housing benefit, council tax support, test and trace support payments, discretionary housing payments and several other services have been delayed or are unavailable. Residents have been asked to contact the council via email instead.

The council has warned the problem could take up to six months to resolve as affected servers and systems need to be rebuilt.
 

TEISS:         Gloucestershire Live:         BBC:      Punchline-Gloucester

You Might Also Read: 

The Personal Data Being Used To Get Your Vote:

 

« Canadian Government Ministry Under Attack
DDoS Attack Knocks Out Andorra's Internet »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

DCL Search & Select

DCL Search & Select

DCL Search & Selection connect candidates to the best companies in the IT Security, Telco, UC, Outsourcing, ERP, Audit & Control markets.

infineon - IoT Security

infineon - IoT Security

Infineon is a leader in semiconductor solutions for a huge range of applications including automation, smart systems and security for the Internet of Things.

TestFort

TestFort

TestFort QA Lab is a specialized software testing company offering independent quality assurance and software testing services.

a1qa

a1qa

a1qa specializes in the delivery of full-cycle software QA and application testing services.

Seagate

Seagate

Seagate data storage systems are purpose-built for enterprise and data centre performance, scalability, reliability and security.

Sparta Consulting

Sparta Consulting

Sparta Consulting is an information management and business development full service provider.

Samsung Knox

Samsung Knox

Samsung Knox brings multi-layered defence-grade security to your business’s smartphones and tablets.

GK8

GK8

GK8 is a cyber security company that offers a high security custodian technology for managing and safeguarding digital assets. Secure, Compliant and Practical.

IoT M2M Council (IMC)

IoT M2M Council (IMC)

The IMC is the largest and fastest-growing trade organisation in the IoT/M2M sector.

SkyePoint Decisions

SkyePoint Decisions

SkyePoint Decisions is a leading Cybersecurity Architecture and Engineering, Critical Infrastructure and Operations, and Applications Development and Maintenance IT service provider.

Internet Crime Complaint Center (IC3)

Internet Crime Complaint Center (IC3)

The Internet Crime Complaint Center provide the public with a reporting mechanism to submit information to the FBI concerning suspected Internet-facilitated criminal activity.

Infosec Cloud

Infosec Cloud

Infosec Cloud is a specialist Cyber Security company offering fully managed Training & Testing Services in addition to market leading Cyber Security technology and accredited professional services.

Huntington Ingalls Industries (HII)

Huntington Ingalls Industries (HII)

Huntington Ingalls Industries is America’s largest military shipbuilding company and a provider of professional services to partners in government and industry.

SideChannel

SideChannel

At SideChannel, we match companies with an expert virtual CISO (vCISO), so your organization can assess cyber risk and ensure cybersecurity compliance.

Strivacity

Strivacity

Strivacity lets brands quickly add secure login and identity management capabilities to their customer-facing applications without tying up an army of developers or consultants to do it.

IEC Cyber Ltd

IEC Cyber Ltd

IEC Cyber provides Cyber security consulting services for OT systems, with emphasis on process systems aligned to IEC 61508 and IEC 61511. We are a preferred consulting firm for IEC 62443 services.