THE official council website for the Comhairle nan Eilean Siar local authority in Scotland has been impacted by a suspected ransomware attack. The Scottish government and computer company Dell have been helping Comhairle nan Eilean Siar deal with the situation.
Comhairle chief executive Malcolm Burr said the authority was working with Police Scotland, the National Cyber Security Centre and Scottish government in a criminal investigation.
He said: “The comhairle has been the victim of a criminal attack on our IT system which has caused significant disruption to our services,
“Our priority is to restore services as quickly as we can to make sure those who depend on our services have access to them.”
Mr Burr said not all the comhairle’s services had been affected, and external communications were returning to normal.
Due to their servers containing sensitive information about local affairs, councils have become top prey for opportunistic cybercriminals, exacerbated by the fact that local authority have a proclivity to deprioritise cybersecurity due to constraining budgets.
Local cybersecurity expert Deryck Mitchelson, Head of Global CISO at Check Point Software and Board Member of the Scottish Government National Cyber Advisory Board (NCRAB), has commented on the situation:
We have seen a big increase in successful cyberattacks on councils due in part to underinvestment in preventative security and the value of the data that they manage, which makes them the perfect fit for ransomware gangs. This is combined with cybercriminals constantly refining their techniques to apply pressure on victims to pay up. We are seeing more groups use data extraction and target suppliers or customers for ransom in triple extortion campaigns, on top of traditional methods of encrypting valuable data.
“However, it is possible to prevent these incidents by being proactive about cybersecurity. To minimise the risks, businesses need to be extra vigilant, install updates and patches regularly and invest in anti-ransomware to spot unusual activity and stop it in its tracks. User education is also an important part of protection, given that 90% of attacks start from a phishing email, so making people aware of what to look out for needs to be part of the mix. This is in addition to introducing limited access to only essential information, which will minimise the impact of a successful attack.”
