Councils have been targeted in nearly 100 million cyber attacks in five years, an investigation has found.
Hackers and other criminals are bombarding local authorities’ IT networks at a rate of 37 times every minute, figures suggest. The findings lay bare the vast scale of the cyber threat faced by town halls, which store data relating to millions of residents.
Research by privacy campaign organisation Big Brother Watch found that councils in the UK were subjected to at least 98 million cyber attacks between 2013 and 2017.
This figure covers malicious attempts to damage, disrupt, or gain unauthorised access to computer systems, networks or devices.
Blackpool Council said it had one cyber attack, which was not reported to police. It said a worker opened an email containing ransomware, which was detected and stopped by software.
All staff have mandatory IT security training, and have access to guidance via an intranet service. It also employs a team of 20 specialists who are ‘trained in cyber security awareness’, and said five per cent of its budget in 2016/17 was spent on IT security – up from around two per cent from 2013 to 2015.
Fylde Council also reported one attack, but said no data was stolen as a result. All staff are versed in cyber security, with mandatory computer-based training. The sole attack was not reported to police. The council also said it has no specific budget allocated.
Wyre Council refused to provide details to Big Brother Watch, saying it would be ‘prejudicial to law enforcement’.
Jennifer Krueckeberg from the Big Brother Watch said councils are hit by over 19 million cyber attacks each year, and said she was ‘shocked’ the majority of councils’ data breaches go unreported.
A Blackpool Council spokesman told The Gazette yesterday: “The last time a computer was comprised by ransomware was in 2016.
“Our systems quickly identified that someone had opened an email which lead to some files being encrypted.
“No data was lost and the systems we have in place successfully protected the council from any data loss.”
A Fylde Council spokeswoman said it was targeted between 2013 and 2017 by an attack that ‘was dealt with at the time with no significant repercussions.’
“User education is our greatest protection,” she said. “We have several layers of anti-virus software and are constantly patching and upgrading systems.”