Your browser is no longer supported

For the best possible experience using our website we recommend you upgrade to a newer version or another browser.

Your browser appears to have cookies disabled. For the best experience of this website, please enable cookies in your browser

We'll assume we have your consent to use cookies, for example so you won't need to log in each time you visit our site.
Learn more

Cyber-attack warning amid reports of library hack by Russians

  • 1 Comment

Council systems are likely to face an increasing number of cyber-attacks as increasingly sophisticated hackers seek to collect ransom payments or find a back door into central government systems, experts have warned.

LGC has learned of reports that Russian hackers have accessed council library systems. However, it is thought unlikely that local government would fall victim to something on the scale of the WannaCry ransomware that wreaked havoc in the NHS and other organisations across the world last month.

Geoff Connell, president of Socitm and head of information management and technology at Norfolk CC, told LGC it was getting easier and cheaper for cyber criminals to make increasingly complex attacks. Meanwhile, as councils increasingly share services, link up with the NHS, introduce mobile working and encourage residents to go online there are more opportunities for cyber criminals to launch attacks.

He said there had been examples of hackers sending emails to finance directors appearing to come from the council chief executive and instructing them to make payments.

“The threat of a cyber-attack is growing; it is a very real threat but we’re not in bad shape as a sector,” said Mr Connell.

However, he warned there was a risk budget cuts could leave councils more exposed to an attack.

“We have to invest in cyber security professionals and we have to be careful funding cuts mean people don’t stop investing,” said Mr Connell.

Mr Connell said the fact that local government was relatively well fortified against an attack was partly a result of “jumping through hoops” to join other networks including “ironically” the NHS network. Councils have also had to meet stringent cyber hygiene tests to be able to accept payments online and to join the central government Public Sector Network, which allows access to data held by HMRC and the DVLA.

However, this link with central government also makes councils more of a target for hackers.

Rob Whiteman

Rob Whiteman

Rob Whiteman

Rob Whiteman, chief executive of the Chartered Institute for Public Finance & Accountancy, told LGC he was aware of a Russian hack into a council library system, although no wrongdoing was carried out.

“What we have to become accustomed to is [that] our systems are being hacked into… Councils themselves are not necessarily targets but hackers are getting into systems and having a look around,” he said.

Jos Creese, chief executive of Creese Consulting Ltd and a former chief information officer at Hampshire CC, told LGC there would be more incidents of varying types.

He said: “You have got different types of hackers: those in the UK trying to prove a point, international hackers trying to commit fraud or international hackers trying to find the back door to central government systems.”

Jos Creese

Jos Creese

Jos Creese

Mr Creese said, in general, local government was better prepared than other sectors, including the NHS.

“I have no doubt there are some [councils] that will be struggling,” he said. “I’m pretty confident there will be incidents in the sector… the complexity of local government makes it much harder to ensure end-to-end security than in a private sector organisation.”

Mr Creese said councils needed to stop using vendors who did not keep their systems up-to-date.

While some councils still operate using Windows XP, the outdated system that left many NHS hospitals exposed to the WannaCry ransomware, Mr Creese said he has not seen any that have it embedded in their network in a way that would cause problems on the scale of those seen in the NHS.

Mr Creese said the NHS incident had acted as wake-up call and warned public sector organisations against simply viewing IT as a cost centre where money could be saved through automation and self-service.

“Whilst there are productivity gains you do have to make the necessary investment given the amount of reliance you will be placing on these systems,” he said.

There is much activity taking place to raise awareness and share best practice in local government.

Socitim has set up local groups known as Warps that bring together public sector IT professionals in an area to share information and spot risks. It is also encouraging the National Cyber Security Centre to create solutions to cyber-attacks that can be widely deployed, rather than every organisation having to develop their own.

Cipfa recently formed a group with the Local Government Association, Department for Communities & Local Government, Cabinet Office, and National Cyber Security Centre specifically aimed at raising awareness of cyber security among local authorities.

Rachael Tiffin, head of Cipfa’s counter fraud faculty, told LGC threats to cyber security is emerging as one of biggest fraud risks and the centre was getting an increasing number of requests for training and advice.

“It needs to be an issue on the top table; it needs to be led from the top down. It’s not just the responsibility of a person in IT,” she said.

  • 1 Comment

Readers' comments (1)

  • Was this article checked before publication? I currently manage a local government libraries-related project, and the subject line in my inbox 'Library hack by Russians sparks cyber-attack warning' naturally rang some alarm bells. The first sentence of the article: 'LGC has learned of reports that Russian hackers have accessed council library systems' - confirmed that this article was one to read asap. The substance behind these two alarming comments proved to be a non-verbatim comment buried in the article that followed, where Rob Whiteman 'told LGC he was aware of a Russian hack into a council library system, although no wrongdoing was carried out'. The very least the article could then have done was to explain WHAT system was hacked, in WHICH council, and WHEN, along with HOW the alleged hack was accomplished, and WHAT was done as a result. I'm not a journalist, but I think even I could have managed most of that before hitting 'publish' on a report that gave little if any new information over and above what has been in the press since the global ransomware attack last month.

    Unsuitable or offensive? Report this comment

Have your say

You must sign in to make a comment

Please remember that the submission of any material is governed by our Terms and Conditions and by submitting material you confirm your agreement to these Terms and Conditions.

Links may be included in your comments but HTML is not permitted.