Posted on October 14, 2020 at 3:46 PM
According to a recent announcement by London’s Hackney Borough Council, the council was recently hit by a ‘serious cyberattack.’ The announcement further states that the attackers have targeted many of the Council’s IT systems and services.
At the moment, the Council is working with experts, including the UK’s National Cyber Security Centre (NCSC), which are investigating the incident.
As it can be seen from the tweet above, the Hackney Council also requested that no one contacts them unless absolutely necessary, likely in order to avoid disturbing the investigation.
What is known about the attack?
So far, it is assumed that the Hackney Council was hit by the attack yesterday, October 13th. This is when the council published its Twitter announcement, as well as a news release on its website.
The news release, published by Hackey’s mayor, Philip Glanville, did not reveal much more information than the Twitter post, apart from the fact that the investigation was still at an early stage at the time when the announcement was written.
However, Hackney did note that, while the investigation continues, its other goal will be to protect data, restore affected services, and go back to delivering essential services as quickly as possible.
It noted that even those services that are not completely unavailable might experience certain difficulties, such as operating slower than normal.
There was also a comment by the NCSC, whose spokesperson did not reveal any information regarding the incident. They stated that “The NCSC is supporting the organization and working with partners to understand the impact of this incident.“
The attack might have involved ransomware
As mentioned, the exact time and date of the attack currently remain unknown. In addition, the Council also did not reveal the exact form of the cyberattack.
Some have assumed that the attack might involve ransomware, as another local authority — Redcar and Cleveland Borough Council — suffered such an attack earlier this year, in February. Back then, the attackers allegedly demanded £10m in exchange for aborting the attack, and providing a decryption key.
Cybersecurity specialist at ESET, Jake Moore, also noted that “This bears all the hallmarks of a ransomware attack, but what we should be worried about is the new direction that threat actors are taking these days, where they not only encrypt the data, but they threaten to release it too.”
Moore further noted that “Councils which may lack funding, and consequently may not have the strongest network protection, can be an easy target for those looking for vulnerabilities to exploit.”
Using ransomware against regular internet users is still very much a common occurrence, of course. However, over the last several years, there have been more and more incidents in which hackers attempted to target companies, critical establishments, and even entire cities.
With that in mind, it is easy to understand why ransomware attacks are becoming a growing problem for public services. Anyone can be targeted at any time, from councils to hospitals.
In fact, memories of ransomware attacks — such as the infamous WannaCry, which swept through the entire world in 2017 — are still quite fresh. Back then, the ransomware managed to compromise the systems of a massive number of institutions such as hospitals.
The UK itself felt quite a large impact from it back then, as most of its institutions used old devices with even older systems, which were likely not updated and properly secured for years.
If the attack against the Hackney Council is indeed a ransomware attack, there is no telling what the attackers might do next. They could simply ask for a massive ransom, or even threaten to release the data that they potentially harvested during the breach.
And, while the Council did say that it will continue to release regular updates on the incident and the on-going investigation, so far, it has not published any new updates.