Lincolnshire County Council said it has restored its systems following a malware attack that forced it to revert to pen and paper for most of last week.
“Following a malware attack, the majority of our systems will be back online by tomorrow morning,” the council said in a Twitter post on Sunday, adding that no data was compromised. The council later confirmed in a separate statement that its systems were back online.
Lincolnshire County Council shut down its IT systems on Tuesday when it detected the attack, which was triggered when a member of staff opened a malicious attachment in an email.
The zero-day attack exploited a previously undiscovered vulnerability, meaning up-to-date security systems were unable to defend against it, the council said.
The malicious attachment launched a ‘ransomware’ program that encrypted files and demanded $500 (£350) in Bitcoins as payment to restore the data. No data was accessed by the attackers, the council said.
The council said it had shut down its systems as a precaution to prevent the malware from damaging more files. Four hundred fifty-eight servers and 70 terabytes of data were scanned to ensure their integrity, the council said.
While systems were down, staff reverted to telephone contact and pen and paper, according to council chief information officer Judith Hetherington-Smith.
Many of the affected files were available from back-ups, she said.
Around 300 computers were affected, with services such as the booking of local transport services and library computer access impaired, according to the council.
Lincolnshire police said there was no evidence data was extracted from council systems and that they are investigating the incident.
The council did not consider paying the ransom, according to Hetherington-Smith.
Security experts warned in December that one in ten ransomware emails now target the UK, as attackers look to continue the success of such attacks in 2015.
Such attacks include Android.Lockdroid.E, which locks a user’s Android smartphone and threatens to send browsing history to the user’s contacts, and Lockerpin, which alters a phone’s PIN lock function, stopping users from accessing their device.
Are you a security pro? Try our quiz!
AI push sees Alphabet's Google saying it will consolidate its AI teams in its Research…
Beijing orders Apple to pull Meta's WhatsApp and Threads from its Chinese App Store over…
Key milestone sees Intel Foundry assemble ASML's new “High NA EUV” lithography tool, to begin…
Oracle's huge AI, Cloud investment in Japan will meet growing local demand and address digital…
People who create sexually explicit ‘deepfakes’ of adults will face prosecution under a new law…
Protest at cloud contract with Israel results in staff firings, in addition to layoffs of…
View Comments
Yet another reason to outlaw virtual currencies such as bitcoin - its primary use is for crime.
If no one can purchase untraceable currency, then ransomware become useless.
Cyber-criminals are becoming increasingly ambitious, resulting in an alarming increase in the amount of councils, governments and national infrastructure organisations being targeted.
Email is the lifeblood of most organisations, and for this reason it continues to be the preferred route of entry for hackers. 94 per cent of successful cyber-attacks utilise this method - planting dodgy email attachments, malicious web links and other hidden threats.
It is crucial that organisations, whether they be governmental or private, put policy in place that takes responsibility away from employees and places it in the hands of the board, restoring the organisation’s control over its sensitive data. Technology is now available that can put this policy in place and in the process stop threats at source by breaking down email attachments to byte-level and rebuilding them as clean files in real-time, ensuring that no malicious code makes it into the organisation’s computer network supporting audit and compliance requirements and enforcing ‘best practice’ in managing the files that organisations rely on to do business.
The methods these cyber-criminals are using to plot their sophisticated hacks are increasingly disruptive, and as a result we’re seeing established businesses and now government organisations suffer the fallout. Fundamentally there is an appetite for solutions which support governance, risk management and compliance as organisations have grown not to trust what they’re getting from mainstream suppliers anymore. The only answer to this growing threat lies in greater innovation and technology which allows the good guys to come out on top every time with absolute security. With this technology readily available, it will be interesting to see how many councils act to protect their documents now, or how many multiple breaches have to take place before they start to use real defensive security.