Council Staff Revert To Pen And Paper Following ‘Cyber-Attack’

A local council has confirmed that an outage of its online services lasting more than a week was caused by a cyber-attack.

Redcar and Cleveland Borough Council said the cause of the outage “appears to be a cyberattack on the council’s IT servers”.

Earlier last week the council had said it was experiencing an “issue with our IT system” that meant it was working at a reduced capacity.

As of Monday morning the council’s web pages were still displaying an error message when accessed.

The Petya ransomware disrupted organisations internationally in 2017

Week-long outage

The borough’s more than 135,000 residents have been without online services since 11 a.m. on Saturday, 8 February.

A third-party website operated by Civica is still functioning, meaning the council can accept and process council tax payments.

Experts said the attack is likely to have involved ransomware, in which malware locks an organisation’s files until a ransom is paid to the attackers.

A number of local public authorities worldwide have been disrupted by such malware, and councils are reluctant to pay attackers for fear of encouraging further attacks.

“We are still experiencing issues with our IT systems, which means we are working with a reduced capacity,” the council said in its most recent Twitter post on the issue.

“We are able to receive and answer limited calls and emails and we will be prioritising urgent messages.”

The council said all its computers were affected by the attack.

Pen and paper

It said it does not have an “exact timescale” for when online services would be back up, but said its teams were working to remedy the problem.

In the meantime, council staff are operating using pen and paper and are fielding calls from residents via council hotlines.

The National Crime Agency is working with the council and a team of experts from GCHQ’s National Cyber Security Centre (NCSC) has been on site since the attack occurred.

The NCSC said the attack was an “isolated incident” and that it is working with partners to “understand its impact”.

The NCA and the NCSC also declined to confirm whether ransomware was to blame for the disruption.

The council’s leader, Councillor Mary Lanigan, told the BBC the council’s computers had been taken offline and its systems were being rebuilt.

“We have a massive team here – including cyber-security experts – working around the clock flat out to get it fixed,” she said.

“The main problem is that we have no email systems. so we have extra phone lines for residents.”

No data stolen

The council added that as yet it had not found any evidence that sensitive personal data had been stolen.

Cumbrian council Copeland Borough is one of the UK councils to have been hit by ransomware, an attack it said in 2018 had cost it about £2 million.

Following the attack the council invested more in its IT systems and began storing key documents on cloud servers.

In the US, San Francisco’s public transportation network and the city government of Atlanta are amongst the public-sector organisations to have been disrupted by such malware.

Matthew Broersma

Matt Broersma is a long standing tech freelance, who has worked for Ziff-Davis, ZDnet and other leading publications

Recent Posts

Coronavirus: Samsung, Facebook, Donate Devices To NHS

Samsung donates 2,000 robust smartphones and other equipment for NHS Nightingale hospitals, as Facebook donates 2,050 Portal devices

7 hours ago

Coronavirus: Amazon’s Jeff Bezos Quizzed Over Sacked Worker

Letter to CEO over fired worker, who raised concerns about worker protection and cleanliness of local Amazon facility during pandemic

8 hours ago

Coronavirus: US Senators Advised To Avoid Using Zoom – Report

US Senate reportedly becomes the latest organisation to advise members not to use Zoom, over privacy and security concerns

8 hours ago

Google Told By French Regulator To Pay For Re-using News Or Content

Google has been instructed by the French competition authority to pay French publishers and news agencies for re-using content or…

12 hours ago

Coronavirus: UK, US Warn Hackers Are Exploiting Pandemic

Cybersecurity officials in the UK and US are warning that state-backed hackers and criminals are taking advantage of the Coronavirus…

14 hours ago

Zoom Sued For Security Lapses, Hires Ex-Facebook Security Boss Stamos

Video conferencing app hit with lawsuit for overstating its privacy standards, as it hires former Facebook security executive

1 day ago