Russian Hackers Go After Gloucester

Gloucester City Council suffered a serious cyber security incident on the 20th December that resulted in the compromise of certain IT systems and disruption of daily operations. The council's online revenue and benefits, planning and customer services have all been affected after the attack knocked out parts of a council website and the attack has been linked to the work of Russian hackers. 

Systems including online revenue and benefits, planning and customer services are still down across the authority more than a month after the attack was detected.

The cost of fixing the damage could run into millions of pounds, if similar attacks on other councils are anything to go by Gloucester businesses using council services could face months of disruption after a cyber attack knocked out parts of the computer system.

The attack is so serious that the National Crime Agency and the National Cyber Security Centre are involved in the investigation.

Other local authorities and even government agencies have put the council into IT quarantine, blocking the council's emails.  Gloucester City Council said its sources, who do not wish to be named, allege the cyber attack was carried out by hackers from Russia. Officials at Gloucester City Council must be "more transparent" over the hack attack on the authority, a committee chairman has warned.

According to the Local Democracy Reporting Service, the malware made its way into the local authority's system embedded in an email which had been sent to a council officer.The harmful software, known as sleeper malware, is understood to have been dormant for some time before it was activated. Other local authorities and government agencies are currently blocking the council's emails.

Online application forms used to claim for housing benefit, council tax support, test and trace support payments, discretionary housing payments and several other services have been delayed or are unavailable. Residents have been asked to contact the council via email instead.

The council has warned the problem could take up to six months to resolve as affected servers and systems need to be rebuilt.
 

TEISS:         Gloucestershire Live:         BBC:      Punchline-Gloucester

You Might Also Read: 

The Personal Data Being Used To Get Your Vote:

 

« Canadian Government Ministry Under Attack
DDoS Attack Knocks Out Andorra's Internet »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

CyberSmart

CyberSmart

CyberSmart is a platform that allows you to maintain compliance, achieve certification and secure your organisation.

Secusmart

Secusmart

Secusmart provide highly secure and encrypted speech and data communication solutions.

Data Shepherd

Data Shepherd

Data Shepherds primary focus is to protect your business. We achieve this by offering extensive and unique expertise in innovative IT and Cyber security solutions.

SEWORKS

SEWORKS

SEWORKS provides offensive and defensive app security that ensures mobile and web apps are safe from dangerous hacking threats.

Digittrade

Digittrade

Digittrade develop and produce external encrypted hard disks and secure communications apps.

CSIRT-IE

CSIRT-IE

CSIRT-IE is the body within the NCSC that provides assistance to constituents in responding to cyber security incidents at a national level for Ireland.

FinCom.co

FinCom.co

FinCom.Co is the world’s first automatic AML/ KYC screening system, for comprehensive compliance.

TeraByte

TeraByte

TeraByte is an information security company which helps to educate and protect businesses from cyber security related risks.

YorCyberSec

YorCyberSec

YorCyberSec act as a trusted Cyber and Information Security broker and procurement specialist. We help companies to Reduce Risk, Increase Assurance and Improve Performance.

SecureOps

SecureOps

SecureOps is transforming the Managed Security Service Provider industry by providing tailored cybersecurity solutions proven to protect organizations from cyberattacks.

Pacific Global Security Group

Pacific Global Security Group

Pacific Global Security Group offers an intelligence-driven focus on all aspects of cybersecurity for IT/ICS/OT.

Nemstar

Nemstar

Nemstar is a specialist in Information Security & Cyber Training with over 25 years' industry experience.

Oligo Security

Oligo Security

Oligo aims to streamline the usage of open source by making it secure and easy to protect. Through focusing developers on the relevant vulnerabilities we make the fixing process significantly shorter.

Sacumen

Sacumen

Sacumen is a niche player in the cybersecurity market, solving critical problems for security product companies.

CESAR

CESAR

CESAR is one of the premier R+D and innovation centers in Brazil and a designated Cybersecurity Competence Center.

FearsOff

FearsOff

FearsOff is a global information security company serving clients worldwide. White hat operators with a black hat mindset to emulate real world attacks and everchanging threat vectors.