Russian Hackers Go After Gloucester

Uploaded on 2022-01-31 in INTELLIGENCE-Hot Spots-Russia, GOVERNMENT-Local, FREE TO VIEW, TECHNOLOGY--Hackers

Gloucester City Council suffered a serious cyber security incident on the 20th December that resulted in the compromise of certain IT systems and disruption of daily operations. The council's online revenue and benefits, planning and customer services have all been affected after the attack knocked out parts of a council website and the attack has been linked to the work of Russian hackers. 

Systems including online revenue and benefits, planning and customer services are still down across the authority more than a month after the attack was detected.

The cost of fixing the damage could run into millions of pounds, if similar attacks on other councils are anything to go by Gloucester businesses using council services could face months of disruption after a cyber attack knocked out parts of the computer system.

The attack is so serious that the National Crime Agency and the National Cyber Security Centre are involved in the investigation.

Other local authorities and even government agencies have put the council into IT quarantine, blocking the council's emails.  Gloucester City Council said its sources, who do not wish to be named, allege the cyber attack was carried out by hackers from Russia. Officials at Gloucester City Council must be "more transparent" over the hack attack on the authority, a committee chairman has warned.

According to the Local Democracy Reporting Service, the malware made its way into the local authority's system embedded in an email which had been sent to a council officer.The harmful software, known as sleeper malware, is understood to have been dormant for some time before it was activated. Other local authorities and government agencies are currently blocking the council's emails.

Online application forms used to claim for housing benefit, council tax support, test and trace support payments, discretionary housing payments and several other services have been delayed or are unavailable. Residents have been asked to contact the council via email instead.

The council has warned the problem could take up to six months to resolve as affected servers and systems need to be rebuilt.
 

TEISS:         Gloucestershire Live:         BBC:      Punchline-Gloucester

You Might Also Read: 

The Personal Data Being Used To Get Your Vote:

 

« Canadian Government Ministry Under Attack
DDoS Attack Knocks Out Andorra's Internet »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Cyber Security Supplier Directory

Cyber Security Supplier Directory

Our Supplier Directory lists 6,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

Nixon Peabody LLP

Nixon Peabody LLP

Nixon Peabody LLP is an international law firm with offices across the USA, Europe and Asia. Practice areas include Data Privacy and Cyber Security.

Security Innovation

Security Innovation

Security Innovation is a leader in software security assessments and application security training to top organizations worldwide.

Security Audit Systems

Security Audit Systems

Security Audit Systems is a website security specialist providing website security audits and managed web security services.

Avatier

Avatier

Avatier identity management software products automate identity access management, user provisioning and IT governance to ensure information security and compliance.

Security University

Security University

Security University is a leading provider of Qualified Hands-On Cybersecurity Education, Information Assurance Training and Certifications for IT and Security Professionals.

CodeSealer

CodeSealer

CodeSealer provide invisible end-to-end user interface protection with a unique web security solution to eliminate Man-in-the-Middle and Man-in-the-Browser vulnerabilties.

TeskaLabs

TeskaLabs

TeskaLabs is a software vendor of cybersecurity and data privacy products.

Finnish Accreditation Service (FINAS)

Finnish Accreditation Service (FINAS)

FINAS is the national accreditation body for Finland. The directory of members provides details of organisations offering certification services for ISO 27001.

SearchInform

SearchInform

SearchInform is a leading risk management product developer, protecting business and government institutions against data theft, harmful human behavior, compliance breaches and incomplete audit.

MillenniumIT ESP (MIT ESP)

MillenniumIT ESP (MIT ESP)

MillenniumIT ESP provides solutions and services around Core Infrastructure, Cloud, Cyber Security, Enterprise Applications, Intelligent Automation and Data, Smart Buildings, and Managed Services.

Enginsight

Enginsight

Enginsight provides a comprehensive solution for monitoring and securing your servers and clients.

Fortify 24/7

Fortify 24/7

Fortify 24×7 provides a robust portfolio of managed cybersecurity solutions to help you identify and prevent attacks.

CodeHunter

CodeHunter

CodeHunter is a malware hunting SaaS platform designed to detect all variations of malware, known and unknown, without the need for source code or signatures.

AdronH

AdronH

AdronH is a company of Cyber Security consultants. We support companies and public institutions with their digital transformation to new and secure business platforms.

BluTinuity

BluTinuity

BluTinuity is a premier management consulting firm with a passion for information security, business continuity, incident response, disaster recovery, and HIPAA security.

TIM Enterprise

TIM Enterprise

TIM Enterprise offers innovative, sustainable and secure 360-degree digital solutions to companies and public administrations.