Safeguarding Against Ransomware: Lessons from Leicester City Council

Home Website security Safeguarding Against Ransomware: Lessons from Leicester City Council

Leicester City Council has confirmed that a recent cyber incident was indeed a ransomware attack, prompted by the discovery that the perpetrators had uploaded stolen documents to a dark web extortion site.

Ransomware is a type of malicious software ‘malware’ which is designed to damage and destroy computers and computer systems, to facilitate extortion.

The group who carried out the attack, call themselves INC Ransom. Richard Sword, Leicester Council’s strategic director, acknowledged on Wednesday that “a small number of documents held on our servers have been published by a known ransomware group.”

It was revealed that INC Ransom has targeted various government, education, and healthcare entities and has made public “around 25 or so confidential documents,” including rent statements, housing purchase applications, and identification records such as passport information.

Sword emphasised the severity of the breach and condemned the publication of the documents as a criminal act.

Leicester residents have been advised to report any encounters with individuals claiming to possess their data to Leicestershire Police via the non-emergency number 101 or an online form.

“We realise this will cause anxiety for those affected and want to apologise for any distress caused.” Sword stated “At this stage, we are unable to confirm definitively whether additional documents have been extracted from our systems, although it’s highly likely.”

Despite the attack disrupting critical services and necessitating systems shutdown on March 7 when detected, the council reported that most systems and phone lines are now functioning normally.

According to recent data from the Information Commissioner’s Office, cyberattacks targeting local authorities have spiked, with 67 ransomware attacks recorded in the first three quarters of 2023 compared to 13 in 2022.

Zonkey’s Recommendations

To keep your council website protected, ensure your site is hosted securely on a UK based server; this ensures your data stays within the EU. It is vital that your website is regularly updated, backed up, and scanned for vulnerabilities.

All of our Zonkey council web servers are registered with the government’s National Cyber Security Centre Early Warning system to scan for malicious traffic.

Zonkey specialise in designing fully accessible and responsive Council Websites, with a range of affordable packages available. Get in touch to find out how we can help.

Header image: Photo by FlyD on Unsplash