Lincolnshire staff restore systems following ransomware attack

Written by Colin Marrs on 1 February 2016 in News
News

Computer systems at Lincolnshire County Council (LCC) are up and running after a major cyber attack forced the closure of the entire network last week.

On Tuesday, the council suffered a ransomware attack from an unknown source, demanding an initial $500 in Bitcoins - which was set to rise over time - to release the data.

Speaking on BBC Radio Lincolnshire this morning, the council’s chief information officer, Judith Hetherington Smith, said that the council’s systems were now back to normal.

She said: “The fact we shut everything down so quickly helped stop the malware from spreading. We had IT staff working pretty much 24/7 over the weekend and we are grateful for all their hard work.”


Related content

Councils face intensified ransomware threat
Strengthening communities: how technology is raising service quality and building public trust


Hetherington Smith said that the virus had got onto the council’s systems by a member of staff clicking on a link within an email.

She said that although no personal details of citizens had been stolen, some data had been encrypted and has been deleted.

Information which was recorded on paper will now have to be inputted into computer systems, she added.

A spokeswoman for the council told Publictechnology.net that council systems had been backed up on the Monday night, so only a small amount of data from Tuesday morning had been lost.

Detective Inspector Stephen Knubley, of Lincolnshire Police's cyber crime unit, said: "I can confirm that LCC were subject to a malware attack on an IT system. LCC security, in difficult circumstances, have been extremely professional in dealing with this matter and are working towards restoring a full service.

"I can assure the public that there's no evidence at this time that any data has been extracted from LCC systems.

"Lincolnshire Police will continue to work with LCC in an attempt to identify the offenders.”

Commenting on the case, Orlando Scott-Cowley, cyber security strategist at email security firm Mimecast, said:“Traditional anti-virus software is increasingly little protection against new variants of malware sent by email. Ransomware is growing fast and organisations need to combine rigorous employee training with technology that analyses malicious links and attachments in real-time.”

Image of Lincolnshire County Council offices by Ian Carrington, Wikimedia

Share this page

Tags

CONTRIBUTIONS FROM READERS

Please login to post a comment or register for a free account.

Comments

Greg Sim, CEO o... (not verified)

Submitted on 2 February, 2016 - 13:50
Cyber-criminals are becoming increasingly ambitious, resulting in an alarming increase in the amount of councils, governments and national infrastructure organisations being targeted. Email is the lifeblood of most organisations, and for this reason it continues to be the preferred route of entry for hackers. 94 per cent of successful cyber-attacks utilise this method - planting dodgy email attachments, malicious web links and other hidden threats. It is crucial that organisations, whether they be governmental or private, put policy in place that takes responsibility away from employees and places it in the hands of the board, restoring the organisation’s control over its sensitive data. Technology is now available that can put this policy in place and in the process stop threats at source by breaking down email attachments to byte-level and rebuilding them as clean files in real-time, ensuring that no malicious code makes it into the organisation’s computer network supporting audit and compliance requirements and enforcing ‘best practice’ in managing the files that organisations rely on to do business. The methods these cyber-criminals are using to plot their sophisticated hacks are increasingly disruptive, and as a result we’re seeing established businesses and now government organisations suffer the fallout. Fundamentally there is an appetite for solutions which support governance, risk management and compliance as organisations have grown not to trust what they’re getting from mainstream suppliers anymore. The only answer to this growing threat lies in greater innovation and technology which allows the good guys to come out on top every time with absolute security. With this technology readily available, it will be interesting to see how many councils act to protect their documents now, or how many multiple breaches have to take place before they start to use real defensive security.

Related Articles

HMRC lifts lid on £200m programme to achieve data-protection compliance
27 September 2022

Recently released information provides details of three-year project to minimise risk and improve use of data

National Archives plans digital service for officials to access sensitive records
22 September 2022

Organisation seeks support with design and delivery of prototype platform

IPO seeks new chief exec to lead digital and data transformation
22 September 2022

BEIS-sponsored agency floats £100k leadership post

Brexit: ‘No known data breaches’ of EU citizens’ digital status since programme launch, minister claims
20 September 2022

Home Office databases have not been compromised, according to Tom Pursglove

Related Sponsored Articles

Keeping tabs on work-issued mobile activity with Antenna
7 September 2022

How can public sector organisations keep track of calls, texts and instant messages in the world of ultra-flexi, hybrid working? Stuart Williams, CTO at FourNet, and Andrew Bale, EVP at Tango...

Rewiring government: improving outcome management
6 September 2022

Paul Pick-Aluas, Strategy & Transformation, Public Sector at Salesforce, explains how governments can use technology innovation to improve how it can analyse outcomes