Child protection among critical services affected by cyberattack on English council

Jason Macuray
Leicester City Council has announced that several of the local authority’s critical services are going to be unavailable until at least the middle of this week following a cyberattack.

Leicester City Council has announced that several of the local authority’s critical services are going to be unavailable until at least the middle of this week following a cyberattack.

The council shut down its IT systems as a precaution last Thursday while an unspecified cyber incident was being investigated.

After working over the weekend, the council announced on Monday that the incident was an attack and that “it will take until at least the middle of the week before we will be able to start the recovery process, beginning with our most critical services.”

The council has published several emergency numbers on its website for the affected services, including child protection, adult social care safeguarding, and homelessness.

Richard Sword, Leicester City Council’s strategic director of city developments and neighborhoods, said work is ongoing with “cyber security and law enforcement partners” and that Leicester is “learning from other councils who have had attacks, to identify the nature of the incident and the steps we need to take to get our systems back online.”

He added: “We apologise for the inconvenience this is causing. Council officers are working hard to ensure that our frontline services continue to operate with the minimum of disruption.”

Disruptive cyberattacks affecting local authorities have surged according to the most recent data security incident trends released by the Information Commissioner’s Office, with 67 ransomware attacks recorded in the first three quarters of 2023 compared to 13 during the whole of 2022.

An attack affecting Redcar and Cleveland Council in January 2020 had such an impact on the authority’s Children’s Services — which could have disrupted children going into foster care — that staff from the National Cyber Security Centre (NCSC) were forced to actually sleep in the council building to help recover the systems.

“We actually put beds in for them in order to see how quickly we could do that and move that forward,” the council’s then leader Mary Lanigan told a parliamentary inquiry last year.

Lanigan said she had been pressured by an unnamed government minister “not to go into a great deal of depth about what had happened,” in the wake of the attack — advice she said caused the council “a lot of issues.”

Leicester City Council has not confirmed that the incident is a ransomware attack. Beyond the emergency numbers provided, it has also not indicated the extent of the attack’s impact.

An NCSC spokesperson said: “We are supporting Leicester City Council to fully understand the impact of an incident.”

The incident comes as the British government is accused by a parliamentary committee of taking the “ostrich strategy” by burying its head in the sand over the “large and imminent” national cyber threat posed by ransomware.

Dame Margaret Beckett MP, the chair of the Joint Committee on the National Security Strategy, said it has become “ever clearer that Government does not know the extent or costs of cyberattacks across the country – though we’re the third most cyber-attacked country in the world – nor does it have any intention of commensurately upping the stakes or resources in response.”

Get more insights with the

Recorded Future

Intelligence Cloud.

Learn more.

No previous article

No new articles

Alexander Martin

is the UK Editor for Recorded Future News. He was previously a technology reporter for Sky News and is also a fellow at the European Cyber Conflict Research Initiative.


Leave a Reply

Your email address will not be published. Required fields are marked *

Previous Post

Belgian village whose brewery was hit by cyberattack faces another on its coffee roastery

Next Post

French government agencies hit by cyberattacks of ‘unprecedented intensity’

Related Posts

AT&T Confirms Data Breach Affecting Nearly All Wireless Customers

American telecom service provider AT&T has confirmed that threat actors managed to access data belonging to "nearly all" of its wireless customers as well as customers of mobile virtual network operators (MVNOs) using AT&T's wireless network. "Threat actors unlawfully accessed an AT&T workspace on a third-party cloud platform and, between April 14 and April 25, 2024, exfiltrated
Read More

Smash-and-Grab Extortion

The Problem The “2024 Attack Intelligence Report” from the staff at Rapid7 [1] is a well-researched, well-written report that is worthy of careful study. Some key takeaways are:  53% of the over 30 new vulnerabilities that were widely exploited in 2023 and at the start of 2024 were zero-days. More mass compromise events arose from zero-day vulnerabilities than from n-day vulnerabilities.
Read More

The 2024 Browser Security Report Uncovers How Every Web Session Could be a Security Minefield

With the browser becoming the most prevalent workspace in the enterprise, it is also turning into a popular attack vector for cyber attackers. From account takeovers to malicious extensions to phishing attacks, the browser is a means for stealing sensitive data and accessing organizational systems. Security leaders who are planning their security architecture
Read More