Categories: SecurityWorkspace

Lincolnshire County Council Recovers From Ransomware Attack

Lincolnshire County Council said it has restored its systems following a malware attack that forced it to revert to pen and paper for most of last week.

“Following a malware attack, the majority of our systems will be back online by tomorrow morning,” the council said in a Twitter post on Sunday, adding that no data was compromised. The council later confirmed in a separate statement that its systems were back online.

Lincolnshire County Council shut down its IT systems on Tuesday when it detected the attack, which was triggered when a member of staff opened a malicious attachment in an email.

The zero-day attack exploited a previously undiscovered vulnerability, meaning up-to-date security systems were unable to defend against it, the council said.

The malicious attachment launched a ‘ransomware’ program that encrypted files and demanded $500 (£350) in Bitcoins as payment to restore the data. No data was accessed by the attackers, the council said.

The council said it had shut down its systems as a precaution to prevent the malware from damaging more files. Four hundred fifty-eight servers and 70 terabytes of data were scanned to ensure their integrity, the council said.

While systems were down, staff reverted to telephone contact and pen and paper, according to council chief information officer Judith Hetherington-Smith.

Many of the affected files were available from back-ups, she said.

No data accessed

Around 300 computers were affected, with services such as the booking of local transport services and library computer access impaired, according to the council.

Lincolnshire police said there was no evidence data was extracted from council systems and that they are investigating the incident.

The council did not consider paying the ransom, according to Hetherington-Smith.

Security experts warned in December that one in ten ransomware emails now target the UK, as attackers look to continue the success of such attacks in 2015.

Such attacks include Android.Lockdroid.E, which locks a user’s Android smartphone and threatens to send browsing history to the user’s contacts, and Lockerpin, which alters a phone’s PIN lock function, stopping users from accessing their device.

Are you a security pro? Try our quiz!

Matthew Broersma

Matt Broersma is a long standing tech freelance, who has worked for Ziff-Davis, ZDnet and other leading publications

View Comments

  • Yet another reason to outlaw virtual currencies such as bitcoin - its primary use is for crime.
    If no one can purchase untraceable currency, then ransomware become useless.

  • Cyber-criminals are becoming increasingly ambitious, resulting in an alarming increase in the amount of councils, governments and national infrastructure organisations being targeted.

    Email is the lifeblood of most organisations, and for this reason it continues to be the preferred route of entry for hackers. 94 per cent of successful cyber-attacks utilise this method - planting dodgy email attachments, malicious web links and other hidden threats.

    It is crucial that organisations, whether they be governmental or private, put policy in place that takes responsibility away from employees and places it in the hands of the board, restoring the organisation’s control over its sensitive data. Technology is now available that can put this policy in place and in the process stop threats at source by breaking down email attachments to byte-level and rebuilding them as clean files in real-time, ensuring that no malicious code makes it into the organisation’s computer network supporting audit and compliance requirements and enforcing ‘best practice’ in managing the files that organisations rely on to do business.

    The methods these cyber-criminals are using to plot their sophisticated hacks are increasingly disruptive, and as a result we’re seeing established businesses and now government organisations suffer the fallout. Fundamentally there is an appetite for solutions which support governance, risk management and compliance as organisations have grown not to trust what they’re getting from mainstream suppliers anymore. The only answer to this growing threat lies in greater innovation and technology which allows the good guys to come out on top every time with absolute security. With this technology readily available, it will be interesting to see how many councils act to protect their documents now, or how many multiple breaches have to take place before they start to use real defensive security.

Recent Posts

Isle Of Wight Drone Medical Delivery Trials Set To Continue

Delivery trials of medical goods to the Isle of Wight set to recommence next month…

27 mins ago

Google ‘Recommended Therapy’ Following Racism Complaints

Report says Google frequently recommends mental health resources and medical leave in response to complaints…

57 mins ago

European Banking Authority Compromised By Exchange Hackers

European Banking Authority takes email servers offline after finding it was targeted in worldwide Microsoft…

1 hour ago

Researchers Identify More Malware Used By SolarWinds Hack Group

Microsoft and FireEye identify three custom-made hacking tools deployed onto networks by 'sophisticated' group behind…

22 hours ago

White House Appoints Big Tech Critic Tim Wu As Adviser

Tim Wu appointed as adviser on technology and competition policy, signalling hard line on 'abuse…

23 hours ago

John McAfee Indicted Over Cryptocurrency Fraud

McAfee indicted in US over allegedly promoting cryptocurrencies to his massive Twitter base of followers,…

23 hours ago