UK local authority sets aside £380k for Cyber-Attack Recovery after suspected Russian actors. According to Gloucester City Council, they discovered a breach in December and were warned it could take six months to resolve the issue. Though the amount set aside for this fix may not be enough, the councilors admitted.
While talking to BBC, Liberal Democrat councilor Declan Wilson asked in a cabinet meeting if £380,000 would be enough. According to BBC, he said, “Are you confident this reserve is sufficient, and the city council is not being exposed to the risk of having to deal with costs it can’t afford?”
Earlier in October 2020, Hackney Council in London was under ransomware attack costing the authority as much as £10m as it rebuilt IT systems. Similarly, an attack impacting Redcar & Cleveland Borough Council cost around £2.4m for infrastructure and system recovery or replacement, and unspecified losses due to lower council tax and business collection rates.
It is not yet clear if the Gloucester attack has a Russian hand in it, the attack involved phishing email, “sleeper” malware, though the end goal is still unclear.
The attack has reportedly disrupted services related to housing benefits, council tax support, test and trace support payments, discretionary housing payments, and other online services.
Earlier in 2017, the council was fined £100,000 for failing to patch the notorious Heartbleed vulnerability that enabled hackers to access council email inboxes. They managed to download nearly 30,000 emails containing sensitive personal and financial information.
SIM Swapper Who Stole Money from Victims Bank Accounts Arrested by Spanish Police
Facebook Exposes ‘God Mode’ token That Could Push Data
PHP Everywhere Plugin – RCE Flaws Threaten Thousands of WordPress Sites