St Helens Council in Merseyside hit by ransomware attack
St Helens Borough Council in Merseyside has fallen sufferer to a suspected ransomware attack, by an as-yet undisclosed menace actor, that has introduced down varied programs throughout its IT property, though the vast majority of its customer-facing programs seem to stay operational.
Full particulars of the cyber attack have but to emerge, however the council has confirmed that its IT groups first recognized the intrusion two days in the past, on Monday 21 August, since when the council has engaged exterior cyber safety assist and forensics to research additional.
“We are currently dealing with a suspected ransomware incident on the council’s IT systems and networks. We have now put in place a number of security measures to keep our IT networks running safely,” a spokesperson stated.
“We are continuing to provide council services via our website. Some internal systems to the council are currently being affected due to the actions we have put in place to prevent any further impact, and whilst a full investigation is undertaken,” they instructed Computer Weekly in an emailed assertion.
“Please be reassured that together with our cyber security specialists we are working to resolve this incident, but obviously this is a very complex and evolving situation.”
The council is telling residents to be mindful of their own online safety and to be cautious of any suspicious communications that will purport to be from the council. This might recommend that non-public knowledge, together with contact particulars, has been exfiltrated throughout the course of the cyber attack, though on the time of penning this was unconfirmed.
St Helens is house to roughly 180,000 folks and is considered one of six native authorities districts in the Liverpool City Region. It covers each suburban and rural areas, together with the cities of Haydock, Newton-le-Willows, and St Helens itself, which is house to the eponymous Rugby League staff.
Mike Newman, CEO of My1Login, an id and entry administration (IAM) specialist, stated: “Given that this incident follows an extended string of ransomware assaults on UK councils, St Helens ought to have plans already in place to include the incident rapidly and forestall it inflicting catastrophic monetary losses, like we noticed when Hackney Council suffered a ransomware attack that price the authority over £10m.
“Ransomware is the most prominent [form of] cyber attack today and the volume of attacks are reaching record highs. It is vital that all businesses, both public and private, prioritise their defences.”
Newman added: “With knowledge incessantly revealing that phishing and credential theft are two of the most typical attack vectors used to deploy ransomware, the incident additional reinforces the significance of organisations shifting away from password-based safety mechanisms, and bettering their cyber defences through passwordless [authentication], the place there aren’t any passwords to be stolen or phished from workers.
“By removing passwords from employees, this closes the door on ransomware’s most frequently used attack vector and significantly bolsters cyber defences.”
