Redcar cyber-attack: Council using pen and paper
More than 135,000 UK residents have been without online public services for nearly a week, as Redcar & Cleveland Borough Council struggles with a cyber-attack.
An update on the council’s official Facebook account as of February 18 said: “We are still experiencing issues with our IT systems, which means we are working with a reduced capacity. We are able to receive and answer limited calls and emails and we will be prioritising urgent messages”.
The leader of the council, Councillor Mary Lanigan, has stated: “Computers have been taken offline and systems are being rebuilt. The main problem is that we have no email systems”.
One cyber-security expert has been quoted as stating “The incident had all the hallmarks of a ransomware attack, in which files are scrambled until a ransom is paid”. But the council refused to confirm the nature of the hack.
This news follows shortly after currency exchange company Travelex was hit by a Ransomware attack and is still dealing with the consequences, which took its online services offline for weeks.
So what steps should organisations be taking to safeguard their systems, their customer’s data and their reputation?
Cyber security must be taken seriously.
A recent study published by the DCMS found that around a third (32%) of businesses and two in ten charities (22%) report having cyber security breaches or attacks in the last 12 months. As in previous years, this is much higher specifically among medium businesses (60%), large businesses (61%) and high-income charities (52%).
Among this 32 per cent of businesses and 22 per cent of charities facing breaches or attacks, the most common types are:
- Phishing attacks (identified by 80% of these businesses and 81% of these charities)
- Others impersonating an organisation in emails or online (28% of these businesses and 20% of these charities)
- Viruses, spyware or malware, including ransomware attacks (27% of these businesses and 18% of these charities).
Keep your systems up to date
The problem with running outdated software is not just the lack of new features or improved functionality provided, but just as important it’s the known and exploitable vulnerabilities.
For example, the WannaCry Ransomware epidemic, which infected more than 230,000 users in over 150 countries and crippled the NHS could have largely been prevented. While Microsoft had released patches previously to close the exploit, much of WannaCry’s spread was from organisations that had not applied these, or were using older Windows systems that were past their end-of-life.
Educate your employees
Understanding the cyber terminology, threats and opportunities is critical for every person in every business across all industries. By providing advanced cyber training and education solutions in all departments of your business, from Marketing and Sales to IT and Customer Services, you are investing in your company’s protection against cyber threats.
Redsquid provides a range of services that can help you, from penetration testing to fake phishing campaigns that can help identify which departments need additional training and where your security needs improving.
Implement a Cyber Security Strategy
With most companies on their digital transformation journey, 100% uptime is no longer a bonus, but a requirement. So, the construction and implementation of a complete cyber security strategy to ensure this is achievable should be a matter of priority that is engaged with across the entire company.
The first challenge is to fully understand and recognise the urgency of having a robust strategy, and one that is supported by technology that will protect increasingly digitised business operations. If the best cyber security strategy is one that covers all bases, where do you start, and what should it include? Our Cyber Security experts are happy to audit your current setup and help you on your way to becoming more secure and assist in implementing your organisation’s Cyber Security strategy.
To speak to one of our Cyber Security Experts, call Redsquid on 020 8166 4540, email us at [email protected] or use the web chat in the bottom right hand corner.