Russian Hackers Go After Gloucester

Gloucester City Council suffered a serious cyber security incident on the 20th December that resulted in the compromise of certain IT systems and disruption of daily operations. The council's online revenue and benefits, planning and customer services have all been affected after the attack knocked out parts of a council website and the attack has been linked to the work of Russian hackers. 

Systems including online revenue and benefits, planning and customer services are still down across the authority more than a month after the attack was detected.

The cost of fixing the damage could run into millions of pounds, if similar attacks on other councils are anything to go by Gloucester businesses using council services could face months of disruption after a cyber attack knocked out parts of the computer system.

The attack is so serious that the National Crime Agency and the National Cyber Security Centre are involved in the investigation.

Other local authorities and even government agencies have put the council into IT quarantine, blocking the council's emails.  Gloucester City Council said its sources, who do not wish to be named, allege the cyber attack was carried out by hackers from Russia. Officials at Gloucester City Council must be "more transparent" over the hack attack on the authority, a committee chairman has warned.

According to the Local Democracy Reporting Service, the malware made its way into the local authority's system embedded in an email which had been sent to a council officer.The harmful software, known as sleeper malware, is understood to have been dormant for some time before it was activated. Other local authorities and government agencies are currently blocking the council's emails.

Online application forms used to claim for housing benefit, council tax support, test and trace support payments, discretionary housing payments and several other services have been delayed or are unavailable. Residents have been asked to contact the council via email instead.

The council has warned the problem could take up to six months to resolve as affected servers and systems need to be rebuilt.
 

TEISS:         Gloucestershire Live:         BBC:      Punchline-Gloucester

You Might Also Read: 

The Personal Data Being Used To Get Your Vote:

 

« Canadian Government Ministry Under Attack
DDoS Attack Knocks Out Andorra's Internet »

CyberSecurity Jobsite
Check Point

Directory of Suppliers

Directory of Cyber Security Suppliers

Directory of Cyber Security Suppliers

Our Supplier Directory lists 8,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

Tines

Tines

The Tines security automation platform helps security teams automate manual tasks, making them more effective and efficient.

ANS Group

ANS Group

ANS are a strong team of straight-talking tech and business experts. Our mission is to make digital transformation accessible to all.

Arsenal Insurance Company

Arsenal Insurance Company

Arsenal is an insurance provider based in Moscow, Russia. Services offered include Cyber Risk insurance.

Authenware

Authenware

AuthenWare delivers the highest level of identity security based on behavioral biometrics.

Jetico

Jetico

Jetico provides pure & simple data protection software for all sensitive information throughout the lifecycle. Solutions include data encryption and secure data erasure.

Secardeo

Secardeo

Secardeo is a provider of corporate solutions using digital signatures and certificates. Our solutions enable the user transparent end-to-end encryption of e-mails between organizations.

Certego

Certego

Certego is a company of the VEM Sistemi Group specialised in providing managed computer security services and to combat Cyber Crime.

OGiTiX

OGiTiX

OGiTiX Software AG is a German software manufacturer specializing in Identity and Access Management.

National Cyber Security Centre (NCSC) - Ireland

National Cyber Security Centre (NCSC) - Ireland

The National Cyber Security Centre (NCSC) is the operational side of the Department of Communications in regard to network and information security in the Republic of Ireland.

Oceania Cyber Security Centre (OCSC)

Oceania Cyber Security Centre (OCSC)

OCSC engages with government and industry to conduct research, develop training opportunities and build capacity for responding to current and emerging cyber security issues.

Pacific Cyber Security Operational Network (PaCSON)

Pacific Cyber Security Operational Network (PaCSON)

PaCSON is an operational cyber security network of regional working-level cyber security experts in the Pacific.

Managed IT Services

Managed IT Services

Managed IT Services is a managed IT Services Company offering a diverse range of Cyber Security services and IT solutions.

SafePaas

SafePaas

SafePaas is a leading Enterprise Risk Management Platform. One source of truth for all your Audit, Risk, and Compliance requirements. Complete governance across your systems.

Triangle

Triangle

Triangle enable innovative business transformation by ensuring critical hybrid infrastructures are optimised, interoperable and secure.

Filigran

Filigran

Filigran provides threat intelligence, adversary simulation and crisis response open solutions to thousands of cybersecurity and crisis management teams across the world.

SEALSQ

SEALSQ

For the last 25 years, SEALSQ have been developing secure semiconductor chips, secure embedded firmware, and tested hardware provisioning services to serve the vision of a safer connected world.

Access Talent Today

Access Talent Today

Access Talent Today is an AI/ML and cyber security talent provider.