Local government cyber security challenges are broad across the UK, not least due to the decentralised approach to local government and the challenges of sharing information and approaches to online threats. Challenges and threats include both external actors and internal issues.
Some attacks are simply to disrupt services, while others are concentrated on stealing data, blackmail and other serious criminal offences.
The complexity and uniqueness of attacks have changed dramatically causing financial and organisational disasters to local authorities.
Local Government security attacks:
Recent examples of cybersecurity attacks on local Boroughs include:
- The London Borough of Hackney was subject to a ransomware attack in which personal staff data was released, land registry information was scrabbled, and local authority payments had to be halted.
- Redcar and Cleveland local authorities were attacked in early 2020 and it is estimated to have cost in the region of £10 million due to the loss of services and a need for system upgrading across many sites.
- In the August bank holiday of 2017, Copeland Borough Council was hit by a zero-day ransomware cyber-attack. Within three days, most of Copeland’s files had been encrypted. Hackers demanded Bitcoin in return for the files to be returned.
These are just a few samples of the successful cyber-attacks on local councils within the UK.
As more services go online and information becomes digitized the challenges faced by local governments and the solutions to the areas of attack become more complicated.
There are solutions available, but first, we must look at some of the prominent security challenges facing local governments and why many of these attacks are successful.
Impact of cyber security incidents on local government:
Though financial and service loss is a critical factor for most local authorities the widespread harm of cyber-attacks can include an array of lasting issues. These include:
- Failure to recognise and improve upon mistakes
- Continued encryption of data
- Spying across your IT infrastructure
- A loss of public trust
- Massive expenditure on new training
- Expenditure on re-establishing your IT network
- The costs of recovering data
It was reported in 2019 that local councils in the UK faced over 263 million cyber-attacks, ranging from phishing to ransomware and malware attacks.
The weakness of local governments to prevent these attacks is based on a wide range of factors, from legacy operating systems to poor training, communication and planning. We will delve into some of the major challenges facing local governments in the UK and what can be done to reduce or remove such threats.
Local Government Security Challenges
There are over 37 attempted breaches on local authorities every minute according to a report by the big brother watch group in 2018.
The National Cyber Security Strategy (NCSS) categorises the challenges faced by authorities and local government into Vulnerabilities and threats:
- Expanding range of devices and the use of personal devices
- Underfunded training and skills
- Availability of hacking resources
- Poor cyber hygiene and compliance
- Terrorist groups
- Insider threats (malicious and non-malicious)
Being aware of these threats and vulnerabilities can be challenging to local governments, they operate to serve the public but must also have safeguards and protocols in place to ensure that they can operate in a digital world successfully.
Council Cybersecurity challenges:
1. Outdated IT infrastructure
Without sustained and regular updates, your IT systems can become increasingly vulnerable to newer attacks. Outdated software can particularly fall prey to ransomware attacks.
Cybercriminals establish vulnerabilities and weaknesses in outdated software, and any information system that doesn’t get regular updates can be low-hanging fruit for threat actors. Outdated software can grant easy, back door access to the rest of the IT system.
Older IT systems tend to lack the latest security protections and controls, which can become a huge problem in three ways:
- It makes exploitation more likely.
- It makes detections more difficult.
- It significantly increases the impact of vulnerabilities.
2. Poor understanding of threats
One of the main challenges facing local authorities is training and a clear understanding of the role each employee and service provider plays in maintaining cybersecurity.
Local authorities must themselves recognise, plan and train for potential threats.
This has led to a misunderstanding of the levels of potential threats across different bodies and organisation’s allowing for weak points to develop along a chain of shared information. A report by local digital shows that many local authorities do not recognise local government security challenges as a priority until it is too late.
Local authority IT service providers are also open to attack since every access point connected to a device is a potential threat.
A misunderstanding of threats and knowledge of what they can do has led to the use of third-party local authority IT service providers with less security knowledge than is required.
As more local governments in the U.K. digitize their infrastructure and information systems, many of them aren’t spending nearly enough on critical aspects of their cybersecurity. As they institute new IT policies, local governments must set adequate budgets to procure the right cybersecurity solutions.
While higher budgets don’t necessarily guarantee the best cybersecurity solutions, having lower budgets almost always limits the options and exacerbates the local government security challenges.
More UK citizens will continue to demand smart, online public services powered by a modern, 21st-century government infrastructure. Therefore, local governments will require cybersecurity defences that match the level of potential threats.
What solutions are available?
Though threats remain high, and the number of attacks is likely to increase in the future. Taking adequate steps regarding training, updating of systems and awareness all help to offset the challenges faced by local authorities and other vulnerable agents.
In order to fight against cyber-attacks, organisations need to understand how threat actors work and where they could enter your IT network. Breach and attack simulations have been used by national governments and security forces for years to better train existing staff, highlight weaknesses in their security controls, develop response times and the best methods to offset such events.
Celerity has been protecting and securing data for many years, developing services to educate employees, accurately identify security gaps and relieve the resource-burdened in-house security operations centres (SOC).
Being able to accurately test your security controls through cyber-attack simulations will ensure more informed security investments are made and the combination with vulnerability management will offer greater visibility of your entire cyber posture.
Cyber Threat Insight Service allows you to offset many of the cost and training difficulties felt by many local governments through a low-touch managed security service that improves network security and reduces the threat of cyber-attacks.