Lincolnshire County Council said it has restored its systems following a malware attack that forced it to revert to pen and paper for most of last week.
“Following a malware attack, the majority of our systems will be back online by tomorrow morning,” the council said in a Twitter post on Sunday, adding that no data was compromised. The council later confirmed in a separate statement that its systems were back online.
Lincolnshire County Council shut down its IT systems on Tuesday when it detected the attack, which was triggered when a member of staff opened a malicious attachment in an email.
The zero-day attack exploited a previously undiscovered vulnerability, meaning up-to-date security systems were unable to defend against it, the council said.
The malicious attachment launched a ‘ransomware’ program that encrypted files and demanded $500 (£350) in Bitcoins as payment to restore the data. No data was accessed by the attackers, the council said.
The council said it had shut down its systems as a precaution to prevent the malware from damaging more files. Four hundred fifty-eight servers and 70 terabytes of data were scanned to ensure their integrity, the council said.
While systems were down, staff reverted to telephone contact and pen and paper, according to council chief information officer Judith Hetherington-Smith.
Many of the affected files were available from back-ups, she said.
Around 300 computers were affected, with services such as the booking of local transport services and library computer access impaired, according to the council.
Lincolnshire police said there was no evidence data was extracted from council systems and that they are investigating the incident.
The council did not consider paying the ransom, according to Hetherington-Smith.
Security experts warned in December that one in ten ransomware emails now target the UK, as attackers look to continue the success of such attacks in 2015.
Such attacks include Android.Lockdroid.E, which locks a user’s Android smartphone and threatens to send browsing history to the user’s contacts, and Lockerpin, which alters a phone’s PIN lock function, stopping users from accessing their device.
Are you a security pro? Try our quiz!
German foreign minister warns Russia will face consequences for “absolutely intolerable” cyberattack on ruling party,…
Google is reportedly laying off at least 200 staff from its “Core” organisation, including key…
Investor appeasement? Apple unveils huge $110 billion share buyback program, as sales of iPhone decline…
Tesla retreats from pioneering gigacasting manufacturing process, amid cost cutting and challenges at EV giant
No skynet please. After the US, UK and France pledge human only control of nuclear…
Microsoft's AI investments continue in south east Asia, after investments in Japan, Malaysia, Indonesia, as…
View Comments
Yet another reason to outlaw virtual currencies such as bitcoin - its primary use is for crime.
If no one can purchase untraceable currency, then ransomware become useless.
Cyber-criminals are becoming increasingly ambitious, resulting in an alarming increase in the amount of councils, governments and national infrastructure organisations being targeted.
Email is the lifeblood of most organisations, and for this reason it continues to be the preferred route of entry for hackers. 94 per cent of successful cyber-attacks utilise this method - planting dodgy email attachments, malicious web links and other hidden threats.
It is crucial that organisations, whether they be governmental or private, put policy in place that takes responsibility away from employees and places it in the hands of the board, restoring the organisation’s control over its sensitive data. Technology is now available that can put this policy in place and in the process stop threats at source by breaking down email attachments to byte-level and rebuilding them as clean files in real-time, ensuring that no malicious code makes it into the organisation’s computer network supporting audit and compliance requirements and enforcing ‘best practice’ in managing the files that organisations rely on to do business.
The methods these cyber-criminals are using to plot their sophisticated hacks are increasingly disruptive, and as a result we’re seeing established businesses and now government organisations suffer the fallout. Fundamentally there is an appetite for solutions which support governance, risk management and compliance as organisations have grown not to trust what they’re getting from mainstream suppliers anymore. The only answer to this growing threat lies in greater innovation and technology which allows the good guys to come out on top every time with absolute security. With this technology readily available, it will be interesting to see how many councils act to protect their documents now, or how many multiple breaches have to take place before they start to use real defensive security.