Cyber attacks increasing by up to 50% in local councils across the UK

Sefton Council has been fighting off over 30,000 cyber attacks a month. While cybercrime increases, so does the need for stronger public sector security

The risk of a security breach has become an increasing reality for local councils in the UK, as seen in Sefton Council, which has experienced 50% more cyber attacks every month a figure in line with a global increase in incidents, according to a new report.

While the council has been able to resist all cyber attacks so far, new developments have been put in place to protect the local council network from future cyber attacks.

Up to 400 “brute force attacks” on Sefton Council’s network every month

These large and shocking figures were revealed in a report before Sefton’s audit and governance committee meeting on March 13th.

Having commissioned two external reviews of its systems in the past year, including assessments by Microsoft and the Local Government Association. Sefton council found it, like many other local councils across the country, was being targeted for the security of its IT infrastructure.

The council entails that “significant work” to prevent future attacks is being conducted – such as the implementation of new security standards, new tools, and review of training materials.

The report notes that staff at the council are the “last line of defence” against cyber attacks, and alongside all other local councils, the risk of cyber-attacks going forward remains a “significant” and ongoing challenge.

How are cyber attacks affecting other local councils?

An increased risk of a cyber attack is also facing Bristol City Council due to delayed critical IT updates. The local council highlights that a huge risk factor is end-of-life software – a key target for cyber attacks.

End-of-life software is a key target for cyber attacks

To change this, millions will soon be spent on updating many IT systems the council uses, to fill the gap between current software – used for work like managing repair jobs in council flats — reaches the end of its life, and when the new software is rolled out.

With the new software rollout predicted by May 2024, council services aim to become easier to use for tenants, staff and contractors.

One year since the Gloucester City Council cyber attack

Additionally, the Gloucester City Council cyber attack is a reminder to all local councils across the UK just how vulnerable everyday services are in the digital age – since December 20, 2021, when Gloucester City council officers first became aware that their systems had been compromised.

Russia-linked hackers, who were believed to be responsible for the attack, disrupted numerous services for thousands of residents – including benefit payments, planning applications and house sales, as well as councillors being blocked from emailing other organisations.

The council had to rebuild all of its servers as a result of the attack and the latest estimate suggests the bill to the taxpayer stands at just under £800,000.