Hackers are targeting councils in England as part of a wider campaign to free the Wikileaks political activist Julian Assange.
The political campaigner, who was holed up in the Ecuadorean embassy in London for seven years until his arrest on April 11, is supported by a global network of hackers, including the groups the Philippine Cyber Eagles and Anonymous Espana, which have sent Tweets claiming responsibility for hacking council websites.
Barnsley MBC explained that yesterday, it became aware that it had experienced a Distributed Denial of Service (DDOS) – an attack that happens when a hacker overwhelms a website making it unusable for regular users. “This type of attack can be extremely disruptive as key services are put out of action,” a council spokesperson said. “Having initially believed the issue was not related to a cyber-attack, while investigating the issue it became clear that the amount of traffic hitting the council website was massively above normal levels.
“We have and will continue to work with our partners to get the council website further protected.”
Councils large and small were targeted, with the Twitter handle @Anonymous Espana claiming to have “hacked and leaked” the websites of Ross on Wye Town Council in Hertfordshire and Exning Parish Council in Suffolk.
A message from associated Twitter handle CyberGhost404 tweeted this morning “Free Assange or chaos is coming for you”, with links to the websites of Bolton MBC and Mid and East Antrim Council in Northern Ireland. Another tweet threatened London datastore, which is run by the Greater London Authority.
A spokesperson for Bolton said they found it “puzzling, but had not had any problems so far, adding: “We’re aware of the tweet and are monitoring the site.”
Councils appear to have been targeted as part of a wider hacking effort to bring down gov.uk websites, with one anonymous hacker tweeting: “Prepare for the chaos. We are Legion.”
Last week, following Mr Assange’s arrest, the Anonymous group, with 1.56 million followers, threatened to “unleash the force of the internet” on the government unless it releases Mr Assange.
Although Solace cyber security spokesperson Stephen Baker said that he had never seen an attack of this political nature on council websites before, it appears that cyber attacks on councils are increasing.
According to a report last year by civil liberties campaign group Big Brother Watch, which was based on Freedom of Information requests, UK councils have experienced more than 98 million cyber attacks over five years. At least one in four councils experienced a cyber security incident between 2013 – 2017. The report stated: “While some councils have taken measures to face the ever growing threat from cyber attacks, especially the areas of staff training and reporting of successful cyber attacks need urgent attention.”
Mr Baker said this disruption is ”particularly unwelcome” at the moment. “Councils are under such extreme pressures at the moment and have limited resources to deal with such instances - district councils are busy organising elections,” he said. “This is something we can’t have a direct influence on at all.”
A spokesperson for the Local Government Association said that councils have invested in a range of measures to protect their systems and the data they hold and had secured funding from the National Cyber Security Programme to build cyber resilience.
“These measures include firewalls and scanning services, applying the government’s cyber security guidance, introducing training for their workforce and elected members, carrying out health checks, penetration test and cyber resilience exercises to test their systems and processes, and meeting compliance regimes.
”However, we are all subject to increasing levels of criminal and hostile cyber-attacks and we need to work together alongside the National Cyber Security Centre to mitigate against such attacks and ensure we have appropriate measures in place to protect the personal and sensitive information we hold about residents and business customers so we can continue to share this information securely and efficiently.