A local authority in the north-east of England appears to have suffered a major ransomware attack, leaving online public services down for 135,000 locals, for over a week.
At the time of writing, the website of Redcar & Cleveland Borough Council was still down.
An update on the council’s official Twitter account as of February 13 said: “We are still experiencing issues with our IT systems, which means we are working with a reduced capacity. We are able to receive and answer limited calls and emails and we will be prioritizing urgent messages.”
According to reports, the council’s IT systems were attacked at 11am the previous Saturday, with external cybersecurity experts including those from the National Cyber Security Centre (NCSC) drafted in to help.
Although the council refuses to publicly specify whether it was a ransomware raid or not, the attack has all the hallmarks.
Council leader, Mary Lanigan, told the BBC that systems had been taken offline and are “being rebuilt.
“We have a massive team here — including cybersecurity experts — working around the clock flat out to get it fixed,” she added.
“They have to go through [IT systems] bit by bit to make sure everything is clean. A lot of our staff are not able to work without computers but they are coping quite well here. The main problem is that we have no email systems. So we have extra phone lines for residents.”
The council is using its social media pages to update residents with phone numbers to call if they need to book appointments, make payments and more.
Council tax payments are apparently unaffected, but online bookings for appointments, social care systems, council housing complaints and other services have been knocked offline.
In response to one concerned resident’s tweet, the council claimed that “as it stands, we have no evidence so far of any data being lost.”
UK councils will be hoping Redcar isn’t the first salvo in a new onslaught by cyber-criminals that has already seen municipalities across the US suffer a barrage of outages.
Mimecast head of e-crime, Carl Wean, argued that an attitude of “it will always happen to someone else, not us” can’t be allowed to persist.
“Ransomware continues to be the preferred attack method for threat actors due to the monetary gains available if successful,” he added. “It should be considered a key threat across all regions, not just in the UK, as criminal seeks to exploit the perceived success of this form of cyber-attack before significant regulatory and industry-based resilience measures render this attack more difficult to carry out.”