Categories: SecurityWorkspace

Lincolnshire County Council Recovers From Ransomware Attack

Lincolnshire County Council said it has restored its systems following a malware attack that forced it to revert to pen and paper for most of last week.

“Following a malware attack, the majority of our systems will be back online by tomorrow morning,” the council said in a Twitter post on Sunday, adding that no data was compromised. The council later confirmed in a separate statement that its systems were back online.

Lincolnshire County Council shut down its IT systems on Tuesday when it detected the attack, which was triggered when a member of staff opened a malicious attachment in an email.

The zero-day attack exploited a previously undiscovered vulnerability, meaning up-to-date security systems were unable to defend against it, the council said.

The malicious attachment launched a ‘ransomware’ program that encrypted files and demanded $500 (£350) in Bitcoins as payment to restore the data. No data was accessed by the attackers, the council said.

The council said it had shut down its systems as a precaution to prevent the malware from damaging more files. Four hundred fifty-eight servers and 70 terabytes of data were scanned to ensure their integrity, the council said.

While systems were down, staff reverted to telephone contact and pen and paper, according to council chief information officer Judith Hetherington-Smith.

Many of the affected files were available from back-ups, she said.

No data accessed

Around 300 computers were affected, with services such as the booking of local transport services and library computer access impaired, according to the council.

Lincolnshire police said there was no evidence data was extracted from council systems and that they are investigating the incident.

The council did not consider paying the ransom, according to Hetherington-Smith.

Security experts warned in December that one in ten ransomware emails now target the UK, as attackers look to continue the success of such attacks in 2015.

Such attacks include Android.Lockdroid.E, which locks a user’s Android smartphone and threatens to send browsing history to the user’s contacts, and Lockerpin, which alters a phone’s PIN lock function, stopping users from accessing their device.

Are you a security pro? Try our quiz!

Matthew Broersma

Matt Broersma is a long standing tech freelance, who has worked for Ziff-Davis, ZDnet and other leading publications

View Comments

  • Yet another reason to outlaw virtual currencies such as bitcoin - its primary use is for crime.
    If no one can purchase untraceable currency, then ransomware become useless.

  • Cyber-criminals are becoming increasingly ambitious, resulting in an alarming increase in the amount of councils, governments and national infrastructure organisations being targeted.

    Email is the lifeblood of most organisations, and for this reason it continues to be the preferred route of entry for hackers. 94 per cent of successful cyber-attacks utilise this method - planting dodgy email attachments, malicious web links and other hidden threats.

    It is crucial that organisations, whether they be governmental or private, put policy in place that takes responsibility away from employees and places it in the hands of the board, restoring the organisation’s control over its sensitive data. Technology is now available that can put this policy in place and in the process stop threats at source by breaking down email attachments to byte-level and rebuilding them as clean files in real-time, ensuring that no malicious code makes it into the organisation’s computer network supporting audit and compliance requirements and enforcing ‘best practice’ in managing the files that organisations rely on to do business.

    The methods these cyber-criminals are using to plot their sophisticated hacks are increasingly disruptive, and as a result we’re seeing established businesses and now government organisations suffer the fallout. Fundamentally there is an appetite for solutions which support governance, risk management and compliance as organisations have grown not to trust what they’re getting from mainstream suppliers anymore. The only answer to this growing threat lies in greater innovation and technology which allows the good guys to come out on top every time with absolute security. With this technology readily available, it will be interesting to see how many councils act to protect their documents now, or how many multiple breaches have to take place before they start to use real defensive security.

Recent Posts

AT&T Admits Data Breach Impacted “Nearly All” Customers

American telecommunications giant AT&T admits that “nearly all” customer accounts were compromised in 2022 breach

2 days ago

Elon Musk’s X Breached DSA Rules, EU Finds

X's Blue checks 'used to mean trustworthy sources of information. Now our preliminary view is…

2 days ago

Japan’s SoftBank Acquires AI Chip Start-up Graphcore

SoftBank Group has purchased another British chip firm, with the acquisition of Bristol-based Graphcore Ltd…

2 days ago

Samsung AI-Upgraded Bixby Voice Assistant Coming This Year

Samsung reportedly confirms it will launch the upgraded voice assistant Bixby this year, that will…

3 days ago

Next Neuralink Brain Implant Coming Soon, Says Musk

Despite an issue with first Neuralink implant in a patient, Elon Musk says second brain…

3 days ago

EU Accepts Apple’s Legal Commitments To Open NFC Access

Legal commitment over Apple's NFC-based mobile payments system, which is to be opened to rival…

3 days ago