Categories: SecurityWorkspace

Lincolnshire County Council Recovers From Ransomware Attack

Lincolnshire County Council said it has restored its systems following a malware attack that forced it to revert to pen and paper for most of last week.

“Following a malware attack, the majority of our systems will be back online by tomorrow morning,” the council said in a Twitter post on Sunday, adding that no data was compromised. The council later confirmed in a separate statement that its systems were back online.

Lincolnshire County Council shut down its IT systems on Tuesday when it detected the attack, which was triggered when a member of staff opened a malicious attachment in an email.

The zero-day attack exploited a previously undiscovered vulnerability, meaning up-to-date security systems were unable to defend against it, the council said.

The malicious attachment launched a ‘ransomware’ program that encrypted files and demanded $500 (£350) in Bitcoins as payment to restore the data. No data was accessed by the attackers, the council said.

The council said it had shut down its systems as a precaution to prevent the malware from damaging more files. Four hundred fifty-eight servers and 70 terabytes of data were scanned to ensure their integrity, the council said.

While systems were down, staff reverted to telephone contact and pen and paper, according to council chief information officer Judith Hetherington-Smith.

Many of the affected files were available from back-ups, she said.

No data accessed

Around 300 computers were affected, with services such as the booking of local transport services and library computer access impaired, according to the council.

Lincolnshire police said there was no evidence data was extracted from council systems and that they are investigating the incident.

The council did not consider paying the ransom, according to Hetherington-Smith.

Security experts warned in December that one in ten ransomware emails now target the UK, as attackers look to continue the success of such attacks in 2015.

Such attacks include Android.Lockdroid.E, which locks a user’s Android smartphone and threatens to send browsing history to the user’s contacts, and Lockerpin, which alters a phone’s PIN lock function, stopping users from accessing their device.

Are you a security pro? Try our quiz!

Matthew Broersma

Matt Broersma is a long standing tech freelance, who has worked for Ziff-Davis, ZDnet and other leading publications

View Comments

  • Yet another reason to outlaw virtual currencies such as bitcoin - its primary use is for crime.
    If no one can purchase untraceable currency, then ransomware become useless.

  • Cyber-criminals are becoming increasingly ambitious, resulting in an alarming increase in the amount of councils, governments and national infrastructure organisations being targeted.

    Email is the lifeblood of most organisations, and for this reason it continues to be the preferred route of entry for hackers. 94 per cent of successful cyber-attacks utilise this method - planting dodgy email attachments, malicious web links and other hidden threats.

    It is crucial that organisations, whether they be governmental or private, put policy in place that takes responsibility away from employees and places it in the hands of the board, restoring the organisation’s control over its sensitive data. Technology is now available that can put this policy in place and in the process stop threats at source by breaking down email attachments to byte-level and rebuilding them as clean files in real-time, ensuring that no malicious code makes it into the organisation’s computer network supporting audit and compliance requirements and enforcing ‘best practice’ in managing the files that organisations rely on to do business.

    The methods these cyber-criminals are using to plot their sophisticated hacks are increasingly disruptive, and as a result we’re seeing established businesses and now government organisations suffer the fallout. Fundamentally there is an appetite for solutions which support governance, risk management and compliance as organisations have grown not to trust what they’re getting from mainstream suppliers anymore. The only answer to this growing threat lies in greater innovation and technology which allows the good guys to come out on top every time with absolute security. With this technology readily available, it will be interesting to see how many councils act to protect their documents now, or how many multiple breaches have to take place before they start to use real defensive security.

Recent Posts

Apple Security Flaw Being Actively Exploited

Update now. Vulnerability impacts a number of Apple iPhone, iPad and Mac models, and the…

11 hours ago

Yale University Names Firms Still Operating In Russia

Data from Yale University shows a number of big name tech companies continue to trade…

12 hours ago

Police Arrest Four Over BT Cable Theft In North Yorkshire

Police make arrests after Openreach confirms to Silicon UK that a cable theft left 200…

1 day ago

UK Staff Resisting ‘Big Return’ To The Office, Says infinitSpace

Remote working to stay? Majority of business leaders are struggling to get staff to return…

1 day ago

Apple Axes 100 Recruiters, Amid Hiring Slowdown – Report

Hiring slowdown at Apple? Tech giant reportedly lets go 100 contract-based recruiters in the past…

1 day ago