- The 25+ best Black Friday Nintendo Switch deals 2024
- Why there could be a new AI chatbot champ by the time you read this
- The 70+ best Black Friday TV deals 2024: Save up to $2,000
- This AI image generator that went viral for its realistic images gets a major upgrade
- One of the best cheap Android phones I've tested is not a Motorola or Samsung
Local Authority Sets Aside £380k for Cyber-Attack Recovery
A local authority in the UK hit by suspected Russian actors has set aside £380,000 ($514,000) to remediate and recover from the incident, according to reports.
Gloucester City Council discovered the breach back in December and warned at the time that it could take up to six months to fix as servers would need rebuilding.
However, even the six-figure sum reserved to handle the fall-out of the incident may not be enough, councillors have admitted.
One Conservative councillor reportedly claimed that as the recovery continues, and full cost implications are understood, “sources of funding will then need to be identified.”
Referring to other cyber-incidents impacting local government bodies in the UK, Liberal Democrat councillor Declan Wilson had asked a cabinet meeting whether £380,000 would be enough.
“Are you confident this reserve is sufficient, and the city council is not being exposed to the risk of having to deal with costs it can’t afford?” he said, according to the BBC-funded Local Democracy Reporting Service.
Earlier this year it emerged that an October 2020 ransomware attack on Hackney Council in London could end up costing the authority as much as £10m as it rebuilds IT systems.
Another 2020 incident, impacting the north-east’s Redcar & Cleveland Borough Council, was purported to cost around the same, including £2.4m needed for infrastructure and system recovery or replacement, and unspecified losses due to lower council tax and business collection rates.
The Gloucester attack has been blamed on Russian attackers. Following a phishing email, “sleeper” malware was reportedly activated, although the end goal is still unclear.
Housing benefit, council tax support, test and trace support payments, discretionary housing payments and other online services were disrupted as a result.
In 2017, the UK’s data protection watchdog fined the council £100,000 after its failure to patch the notorious Heartbleed vulnerability three years previously enabled hackers to access council email inboxes.
There, they downloaded 30,000 emails containing sensitive personal and financial information.