Hackney Council services offline after ‘serious’ cyber attack

IT systems and resident-facing services at Hackney Council in London are currently offline following an apparent cyber security incident.

The council said its investigation was ongoing and provided no further details of exactly what has transpired, although it described it as a “serious cyber attack”.

Mayor of Hackney Philip Glanville said: “Our focus is on continuing to deliver essential frontline services, especially to our most vulnerable residents, and protecting data, while restoring affected services as soon as possible.

“In the meantime, some council services may be unavailable or slower than normal, and our call centre is extremely busy. We ask that residents and businesses only contact us if absolutely necessary, and to bear with us while we seek to resolve these issues.”

The compromised services include the council’s One Account, which provides Hackney residents with a “safe, private and secure” way to access and manage services online. These include managing and paying council tax and applying for housing benefit, among other things. Council tenants also use the service to pay rent and report and request non-urgent housing repairs and other issues.

Hackney Council officers are working alongside the UK’s National Cyber Security Centre (NCSC), external security forensics experts and the Ministry of Housing, Communities and local Government (MCHLG) to investigate and understand the impact of the incident.

An NCSC spokesperson said: “We are aware of an incident affecting Hackney Borough Council. The NCSC is supporting the organisation and working with partners to understand the impact of this incident.”

The council said it would provide further details as they come to light.

Cyber attacks against local government targets have been generally on the rise in the past 18 to 24 months. High-profile victims in the UK have included Redcar and Cleveland in northeast England, which was hit by a ransomware attack earlier in 2020. There is, at the time of writing, no evidence to suggest the incident at Hackney Council is ransomware-related.

Recent statistics produced by Big Brother Watch, cited in a July 2020 MCHLG report, revealed that UK local authorities are faced with 37 attempted breaches every minute on average. The report also said councils often view cyber security as a technical issue rather than a business threat, so they tend to lack appropriate chains of responsibility.

Local government bodies represent relatively soft targets to cyber criminals because they are often under-resourced due to years of cutbacks and austerity, and are more likely to run vulnerable systems that are unpatched or have reached end-of-life and are easily hacked. Many attacks on local government in the US have involved vulnerabilities in Microsoft remote desktop protocol (RDP), for example.

Local government bodies also hold a wealth of highly sensitive personally identifiable information (PII), which may make them more inclined to negotiate with ransomware operators or pay a ransom. As a result, they may also generate more media coverage than a similar attack on a large enterprise – many ransomware gangs are obsessed with their media profile and court or bait high-profile security correspondents and threat researchers.