In recent days, it was announced that Copeland Borough Council had been victim to a Ransomware attack, and that they were experiencing major difficulties.
Back in 2015, the council was subject to another attack, where they had been locked out of accessing financial data. Concerned that CBC hadn’t learned from the previous attack, I asked some questions on Social Media, but was told that I must submit a Freedom Of Information Request to access the information. Not being someone that is put off easily, I did as requested.
In 2015, CBC claimed to have been attacked by Ransomware.
Could you please explain what steps were taken after that attack to ensure it didn’t happen again? Were patches applied to software and servers installed? Have you continued to apply patches? Was security enhanced?
Now, in 2017 another Ransomware attack has taken place.
What was the name of the Ransomware to have deposited itself onto the CBC system this time around in 2017? NotPetya or variants of?
I would like to see the investigative report from the previous Ransomware attack in 2015, if you commissioned one. If you didn’t have a report produced, why not and are you commissioning one this time around?
Today, I have received a response from the council. While I totally understand their reluctance to share security information, I am alarmed at what I have been told in the response to one of my questions:
Following a search of electronic and paper records here at Copeland Borough Council I can find no trace of a reported ‘Ransomware’ attack in 2015. An unrelated data breach/attack was reported in 2015 but again I can find no written record of this incident.
A full investigation will be carried out by suitably qualified security experts this time, until it is completed we do not know if the information contained within it would be detrimental to our security defences and as such we could not say if it will be released in full under FOI. Arrangements may be made to share this information in a format that would not compromise our security.
Now, I am pleased that an investigation into the attack is to be carried out this time around, but WHY wasn’t one done in 2015?
Learning from past mistakes is vital in ensuring that they aren’t made again. Back in 2015, the public were told that it was costing us £650 a day for a consultant to correct the problem. The final figure ran into £thousands. At the time, Mayor Mike Starkie said:
At no point was any personal information at risk, and we took this opportunity to review our IT security measures and make sure they are as robust as possible.
I guess CBC haven’t learned the lesson after-all.
- Back in July, I warned the local authority that their security was lax via this website and on social media. My social media post was deleted.
How unfortunate for them to not listen.