Heightened threat of cyber-attacks following Russian invasion | #government | #hacking | #cyberattack


Councils are being told they face a heightened threat of cyber-attacks following Russia’s invasion of Ukraine, and are being urged to take swift action to protect their systems.

One cyber advisor for the local government sector told LGC that “without a doubt there has been an increase in activities”.

The National Cyber Security Centre, part of GCHQ, said the war meant the threat of a cyber-attack on organisations is “heightened”. While it is not aware of specific threats linked to the war, it warned that there “historical pattern of cyber-attacks against Ukraine with international consequences”.

HermeticWiper, a wiper malware used against Ukrainian organisations which can erase data from hard drives, “also has the potential to impact organisations outside of Ukraine”, it warned.

Local Government Association chair James Jamieson (Con) told members in a briefing last week that “cyber security remains a concern during this time of heightened cyber risk”, and said councils are being advised by NCSC to “review their plans for dealing with a cyber-attack”.

Cllr Jamieson also advised members to “speak to your officers to understand cyber risk”, and “check your backups and restore mechanisms are working correctly”.

Mark Brett a local government cyber security advisor for Socitim, the society for innovation technology and the modernisation of public services, told LGC there is a “real possibility of a zero day attack” – in which hackers exploit recently discovered security vulnerabilities – “with a higher than usual likelihood of success”.

“So immutable backups & up-to-date business continuity measures are more important than ever,” he added. “Without a doubt there has been an increase in activities.

“The cyber agenda needs the attention of local authority chief executives.”

December’s cyber-attack on Gloucester City Council is believed to have been carried out by hackers from Russia, the council told the Local Democracy Reporting Service.

The ‘sleeper malware’, which is understood to have been dormant for some time before it was activated, made its way into the Gloucester’s system embedded in an email to an officer.

Mr Brett explained that many cyber incidents result from automated phishing attacks in which attempts are made to “steal credentials to commit fraud at a later date”.

Over the course of the last year, the NCSC has faced an unprecedented increase in the volume of cyber security incidents to which it has had to respond.

According to the government’s National Cyber Strategy 2022, published in December, Ransomware was the most significant cyber threat facing the UK in 2021. Due to the likely impact of a successful attack on essential services or critical national infrastructure, the NCSC assessed ransomware as “potentially as harmful as state-sponsored espionage”.

In October 2020, Hackney LBC suffered a ransomware cyber-attack which caused many months of disruption and cost around £10m to rectify. The strategy explained that “at a critical time when [Hackney] was dealing with the impact of the Covid-19 pandemic, the council was locked out of important data and many services were disrupted, including council tax and benefit payments”. “Other local authorities have suffered similar attacks, as have a variety of organisations in the education sector,” it added.

A cyber incident also involves a loss of information systems, which can have significant implications under data protection legislation if councils do not take precautions. This was highlighted last month when the Information Commissioner’s Office issued an enforcement notice to a legal company, Tuckers, fining it £98,000 after personal data was breached during a ransomware attack in 2020.

The commissioner found that Tuckers’ “failure to implement appropriate technical and organisation measures…rendered it vulnerable to the attack”.

Mr Brett described the impact of a cyber-attack on a council as “devastating” and warned chief executives to “ensure their councils are actively preparing for cyber incidents, through awareness raising internally, planning exercising and ensuring their supply chain is safe.”

Councils are “very good at dealing with traditional emergencies”, he said, but senior leaders “need crisis management skills to ensure they can survive cyber-attacks”.

Although Mr Brett said preventing cyber incidents is “virtually impossible” and “cyber incidents and attacks will increase”, using NCSC’s free active cyber defence products and services can “really help mitigate the effects of unwanted cyber attention”.

And there is “a lot of help out there” for councils, Mr Brett added. “[The Department for Levelling Up, Housing & Communities] have been awarded significant funding under the spending review and are being very proactive to support local authorities.

“Likewise, the LGA is working hard with Solace and Socitm to raise the profile with chief executives and members. All of these programmes of support and measures will in time make a difference, it’s a marathon not a sprint.”



Original Source link

Leave a Reply

Your email address will not be published.

− 1 = three