INTELLIGENT BRANDS // Enterprise Security

The cyberattack resulted in the shutdown of its IT systems . Sword noted that approximately 25 confidential documents clear intent when it comes to targeting local services , with Leicester Council joining the victim list alongside NHS Dumfries and Galloway . The intent of a group like this is clear : to cause maximum distress and disruption , with maximum rewards , at minimal effort .

“ In this attack , 25 documents including personal data such as citizens rent statements , applications to purchase council housing and ID information was exfiltrated and shared online , which can unfortunately lead to extortion and

“ Local councils store a vast amount of personal data which can be used in the longer term to conduct further attacks as well as be sold on the Dark Web for a quick profit or used for identity fraud . So , the fact that passport details have been stolen is especially worrying .

“ Attacks on the public sector show no signs of slowing down , but the sheer breadth of services local government must support means funding for cybersecurity will always be a challenge . The government should look to implement some of the recommendations in the recent parliamentary committee report on ransomware , especially on how to respond to an incident . Ultimately local government should not have to choose between cybersecurity and social care .”

Stephen Robinson , Senior Threat Intelligence Analyst at WithSecure , said : “ Multiple local councils in the UK , as well as regional government bodies in other countries such as the US have been victims of ransomware attacks in recent years , with no sign that such activity is slowing . In fact , by some counts the number of ransomware attacks against all sectors almost doubled from 2022 to 2023 . had been posted online , including rent statements , applications for council housing purchase , and identification documents like passport information . The council views the leak of confidential information as a severe issue and its publication as a criminal act .

Cybersecurity experts have been offering their opinions on the cyberbreach :

Darren Williams , CEO and Founder of Blackfog , said : “ In the last two weeks it ’ s become evident that INC ransom have blackmail . To prevent such attacks from happening again , councils and organisations alike must invest in the latest anti-data exfiltration tools to secure their data and prevent ransomware and extortion .”

Trevor Dearing , Director of Critical Infrastructure at Illumio , said : “ The on-going wave of attacks from INC Ransom towards the UK ’ s public services like Leicester City Council , and NHS Scotland the week before , shows the scale of the cybersecurity challenge facing the UK public sector .

“ Whilst the investigation by the council continues , locals should be on the lookout for any potential phishing emails or any other form of unsolicited communication . With the type of data stolen , a cyberattacker could craft extremely plausible , targeted phishing emails , texts and phone calls .

“ Incidents such as this show how critical it is for local councils to improve cyberresilience . Cost effective methods we advise all councils to implement include regular risk assessments , rigorous patching schedules , and fostering a strong cybersecurity culture supported by clear security policies .” p

62 INTELLIGENTCIO EUROPE www . intelligentcio . com