Lincolnshire staff restore systems following ransomware attack

Written by Colin Marrs on 1 February 2016 in News

Computer systems at Lincolnshire County Council (LCC) are up and running after a major cyber attack forced the closure of the entire network last week.

On Tuesday, the council suffered a ransomware attack from an unknown source, demanding an initial $500 in Bitcoins - which was set to rise over time - to release the data.

Speaking on BBC Radio Lincolnshire this morning, the council’s chief information officer, Judith Hetherington Smith, said that the council’s systems were now back to normal.

She said: “The fact we shut everything down so quickly helped stop the malware from spreading. We had IT staff working pretty much 24/7 over the weekend and we are grateful for all their hard work.”

Related content

Councils face intensified ransomware threat
Strengthening communities: how technology is raising service quality and building public trust

Hetherington Smith said that the virus had got onto the council’s systems by a member of staff clicking on a link within an email.

She said that although no personal details of citizens had been stolen, some data had been encrypted and has been deleted.

Information which was recorded on paper will now have to be inputted into computer systems, she added.

A spokeswoman for the council told that council systems had been backed up on the Monday night, so only a small amount of data from Tuesday morning had been lost.

Detective Inspector Stephen Knubley, of Lincolnshire Police's cyber crime unit, said: "I can confirm that LCC were subject to a malware attack on an IT system. LCC security, in difficult circumstances, have been extremely professional in dealing with this matter and are working towards restoring a full service.

"I can assure the public that there's no evidence at this time that any data has been extracted from LCC systems.

"Lincolnshire Police will continue to work with LCC in an attempt to identify the offenders.”

Commenting on the case, Orlando Scott-Cowley, cyber security strategist at email security firm Mimecast, said:“Traditional anti-virus software is increasingly little protection against new variants of malware sent by email. Ransomware is growing fast and organisations need to combine rigorous employee training with technology that analyses malicious links and attachments in real-time.”

Image of Lincolnshire County Council offices by Ian Carrington, Wikimedia

Share this page



Please login to post a comment or register for a free account.


Greg Sim, CEO o... (not verified)

Submitted on 2 February, 2016 - 13:50
Cyber-criminals are becoming increasingly ambitious, resulting in an alarming increase in the amount of councils, governments and national infrastructure organisations being targeted. Email is the lifeblood of most organisations, and for this reason it continues to be the preferred route of entry for hackers. 94 per cent of successful cyber-attacks utilise this method - planting dodgy email attachments, malicious web links and other hidden threats. It is crucial that organisations, whether they be governmental or private, put policy in place that takes responsibility away from employees and places it in the hands of the board, restoring the organisation’s control over its sensitive data. Technology is now available that can put this policy in place and in the process stop threats at source by breaking down email attachments to byte-level and rebuilding them as clean files in real-time, ensuring that no malicious code makes it into the organisation’s computer network supporting audit and compliance requirements and enforcing ‘best practice’ in managing the files that organisations rely on to do business. The methods these cyber-criminals are using to plot their sophisticated hacks are increasingly disruptive, and as a result we’re seeing established businesses and now government organisations suffer the fallout. Fundamentally there is an appetite for solutions which support governance, risk management and compliance as organisations have grown not to trust what they’re getting from mainstream suppliers anymore. The only answer to this growing threat lies in greater innovation and technology which allows the good guys to come out on top every time with absolute security. With this technology readily available, it will be interesting to see how many councils act to protect their documents now, or how many multiple breaches have to take place before they start to use real defensive security.

Related Articles

Interview: CDDO chief Lee Devlin on the ‘move from being disruptive to collaborative’
23 May 2023

In the first of a series of exclusive interviews, the head of government’s ‘Digital HQ’ talks to PublicTechnology about the Central Digital and Data Office’s work to unlock £8bn...

Consultation reveals widespread opposition to proposed data-sharing laws for government login system
26 May 2023

Overwhelming majority of respondents voice disapproval but government will press on with plans to bring forward legislation

UK aid watchdog reveals difficulties caused by FCDO’s ‘dysfunctional’ IT systems
26 May 2023

ICAI annual report says it has been stymied in its ability to recruit people or pay contractors following departmental merger

MoJ reprimanded by ICO after ‘bags of confidential documents’ exposed for over two weeks
25 May 2023

Sensitive data was left unsecured in prison holding area, according to data watchdog

Related Sponsored Articles

Proactive defence: A new take on cyber security
16 May 2023

The traditional reactive approach to cybersecurity, which involves responding to attacks after they have occurred, is no longer sufficient. Murielle Gonzalez reports on a webinar looking at...