Councils 'at risk from foreign government agency attacks'
Four Scottish councils have been subject to ransomware attacks in the past year, with councils considered targets for cyber attacks by foreign government intelligence agencies, according to one Scottish authority.
The figure was revealed in a report by John Walker, deputy chief executive of Perth and Kinross Council, who said that his authority blocked more than 1m malicious connection attempts during November.
The news comes after Lincolnshire County Council shut down its networks last months in response to a ransomware attack.
Walker’s report said: “In December 2015 the council experienced degradation in its internet connection through the JANET network (which provided the council’s internet connection) as a consequence of a targeted attack on another part of the JANET network.
“The council was only slightly inconvenienced by this action, although during a similar incident in 2014 several local authorities in the west of Scotland lost internet connectivity completely for several days.
“This year four Scottish councils have also been subjected to a ‘ransomware’ attack - an attack which encrypts data and will release it only on payment of a ransom - with some limited success.”
He did not reveal which councils were hit by the attacks, but said that Police Scotland always alerts councils where intelligence suggests potential threats to council systems.
Walker added: “Local authorities are also considered to be targets for foreign national intelligence services. Information relating to these threats is limited, however, for reasons of national security.”
In addition, the report said that the council has been subjected to increasingly sophisticated spam attacks, known as “spear phishing”.
This involved specifically designed emails, which are sent over a period of weeks to “retrain” spam filters to allow malicious emails through.
“Whilst these attacks can be successful in penetrating our network, the risks are generally mitigated by user awareness – employees recognise the emails as suspicious and delete or report them,” Walker said.
The deputy chief executive said that cyber security issues have prevented the council from taking advantage of new developments in ICT.
He said: “This can be particularly difficult when other organisations who work with the council understandably take advantage of the many free products available to them and wish to use these products for the storage and movement of our information. The council must refuse to do this because of the risks outlined above.
“Unfortunately robust cyber security will almost always be in conflict with low cost and usability.”
Leaders at the National Cyber Security Centre lift the lid on the impact of and lessons learned from the Triton malware assault
Government cybersecurity agency issues guidance telling users to act ‘quickly’
Legislators in California city vote to outlaw surveillance tech
Deputy CISO post comes with six-figure salary