Lessons Can Be Learned From The Leicester Council Cyber Attack

Some thoughts from Skillcast on cyber breaches and lessons learned from the recent attack on Leicester City Council’s systems:

Leicester City Council faced a breach as hackers targeted its servers, leading to the exposure of confidential documents, including rent statements and passport information. The ransomware gang INC Ransom claimed responsibility, echoing their recent attack on NHS Dumfries and Galloway. Richard Sword, Leicester City Council’s strategic director, strongly condemned the breach, emphasising its grave implications. Given the UK Government’s firm stance against engaging with ransomware actors, it’s unlikely that INC Ransom is looking to gain financially from these attacks.

Compliance expert Vivek Dodd, CEO of compliance training company Skillcast, warns, “The landscape of ransomware attacks is evolving. With financial gains becoming harder to secure, perpetrators may resort to tactics designed to inflict widespread disruption as a means of exerting power.”

He emphasises the gravity of this shift, highlighting, “Other public bodies are at risk of similar attacks which raises the concern of widespread digital disruption.”

Beyond ensuring that staff receive training on fundamentals such as avoiding weak passwords and not clicking on suspicious links, Skillcast highlights some of the less obvious errors that can have far-reaching consequences, to help councils prepare:

1. Granting Excessive Access Permissions – Allowing users unrestricted access to resources beyond what is necessary for their role can increase the likelihood of insider threats and exacerbate the impact of a security breach.

2. Neglecting Network Segmentation – Failing to divide the network into smaller, isolated segments with separate access controls leaves it vulnerable to the rapid spread of malware or unauthorised access, amplifying damage to the council’s systems and data in the event of a breach.

3. Neglecting Incident Response Preparedness – Failing to develop comprehensive incident response protocols tailored to specific cyber threats and scenarios hampers the council’s ability to respond swiftly and effectively to security incidents, prolonging downtime and exacerbating the impact on operations.

4. Skipping Red Team Exercises – Neglecting to conduct regular simulated cyber attack scenarios, known as red team exercises, deprives councils of the opportunity to identify weaknesses in their cybersecurity posture and improve incident response capabilities through real-world simulations.

5. Disregarding a Zero Trust Architecture – Failing to adopt a zero-trust approach to security, where continuous authentication and authorisation are required for all network resources, exposes councils to heightened risks of insider threats and unauthorised access, compromising the integrity of their systems and data.

Skillcast advises that residents concerned about potential data breaches following the recent cyber incident should remain vigilant and monitor their financial accounts for any suspicious activity, including unsolicited communication. They should also refrain from providing personal or financial details unless certain of the legitimacy of the request.

Vivek states, “While the council is in the process of contacting affected individuals, residents are encouraged to proactively update their passwords and be cautious of phishing attempts. It’s also essential to stay informed through official channels and seek support if you’re feeling overwhelmed.”

About alastair walker 19298 Articles
20 years experience as a journalist and magazine editor. I'm your contact for press releases, events, news and commercial opportunities at Insurance-Edge.Net
