Tag Archive for: Hackney

Hackney Council could be forced to answer questions about IT security training after Psya ransomware


A council hit by a cyber attack could be forced to answer questions about the IT and security training it gave staff when they were forced to work from home because of the pandemic.

Cyber criminals struck Hackney Council in October 2020, with Pysa, or Mespinoza, ransomware paralysing some of its online services.

Four months later, employees’ and residents’ data was allegedly published on the dark web by hackers who claimed it came from the attack on the London council’s IT systems.

The council said the attack affected “a limited set of data, it has not been published on a widely available public forum, and is not available through search engines on the internet”.

The National Crime Agency is still investigating the attack, as is the National Cyber Security Centre.

Missing data

The attack has cost the council millions of pounds and it is still missing data across many services.

It said the most critical services were Mosaic for social care, Academy for its benefits and revenues, and M3 for planning and land charges and delivering modern digital tools in housing.

Other local authorities have been targeted by hackers. Gloucester Council became the latest victim when it was attacked for the second time in December, when hackers hit services including revenue and benefits and planning.

Salisbury, Copeland and Islington councils were also affected by cyber attacks over the 2017 August bank holiday, when hackers unsuccessfully asked for a bitcoin ransom in return for data.

The attack on Hackney affected benefits data. Some people were unable to perform property searches, which affected some house sales in the east London borough.

Information commissioner to take action

The council now faces action from the information commissioner after refusing to say whether it gave council staff security training when they were required to work from home during the pandemic.

Liberal Democrat campaigner Darren Martin submitted a Freedom of Information request to ask the council what IT security training was given to staff in the two years leading up to the cyber attack.

“If it turns out that the attack that has left our vital services crippled in the borough since 2020…

Source…

Letter from London: Ransomware is wreaking havoc in Hackney


Vicki Bates, a retail worker who lives in east London, has been furloughed twice during the coronavirus pandemic and says she is owed nearly £1,000 ($1,400) in housing benefit by her local authority. She has been unable to log into her account on Hackney Council’s website since October 2020 and describes her predicament as the culmination of months of administrative errors.

“I really rely on those payments to be able to get things for my daughter,” she told me, during a telephone conversation. “We’ve got her school uniform to buy in the next couple of months. That is a large chunk of money and a bit of a worry.”

Bates is one of tens of thousands of Hackney residents — the borough is home to some 280,000 people and 10,000 businesses — who have been affected by a crippling ransomware attack on the council’s website. (In the interest of full disclosure, I live in Hackney and use the website regularly.) The breach took place in October 2020, disabling a number of vital local services, including systems that allow residents to access social security benefits, and pay rent and council tax.

Over the past few years, ransomware attacks on public and private institutions, including councils, utility companies and banks, have become an increasingly common form of online terrorism. In late 2020, dozens of U.S. hospitals and healthcare organizations were hit by malicious code distributed by cyber-criminals. Security analysts said the hacks were tied to a Russian gang known as UNC 1878 or Wizard Spider

Large corporations and financial institutions have the means to pay off ransomware gangs. For example, Brazil-based JBS SA, the world’s largest meat processing company, gave the equivalent of $11m to hackers who broke into its computer system in June. 

Ransomware attacks on public institutions like Hackney council have become common in the last few years.

However, U.K. local authority budgets have been progressively slashed since the financial crisis of 2008, rendering most councils incapable of spending such large sums of money, even if they could get past the miles of red tape necessary to do so. Hackney has faced some of the most brutal cuts in…

Source…