UK local authorities are “unprepared” for cyber attacks
A new report has suggested that the majority of councils and local authorities in the UK are at a significant risk of having crucial IT systems breached, with the majority of staff lacking even basic security training.
According to privacy advocacy group Big Brother Watch, more than a quarter of UK councils have experienced a system breach in the past five years,
The group’s data was compiled from freedom of information requests, and found initially that 114 councils had encountered some sort of cyber incident between 2013 and 2017.
Of the 396 local authorities that Big Brother Watch contacted, 114 reported a system breach and, of those, 25 said that they had lost data or had data exposed to attackers as a direct result.
From this data, the report’s authors estimate that there were around 98 million cyber-attacks on local authorities throughout this period - the equivalent of 37 attacks every minute.
According to the group, most successful attacks were enabled by phishing emails which encouraged staff to share passwords or other confidential data.
The report adds that people are often the weakest link in the cyber-security chain and that combating such breaches - as well as larger-scale attacks that have dominated headlines in recent years - is possible only by introducing mandatory training for local authority staff.
Big Brother Watch also found that three in four local authorities did not insist on staff attending online security training sessions, while 16 per cent did not train staff at all.
Jennifer Krueckeberg, lead researcher at Big Brother Watch, said: "One would assume that they [councils] would be doing their utmost to protect citizens' sensitive information.
"Local authorities need to take urgent action and make sure they fulfil their responsibilities to protect citizens," she added.
A spokesperson for the Local Government Association responded to the statistics by suggesting very few of such attacks “actually manage to breach the firewalls or scanning systems in place”.
