British Government Minister Told Council to Keep Quiet After Ransomware Attack

An unnamed British government minister told the leader of Redcar and Cleveland Borough Council to keep quiet about the impact of a catastrophic ransomware attack two years ago, a parliamentary committee was told on Monday. The pressure from central government to not discuss the impact of the attack caused the council a lot of issues, said Mary Lanigan, who has led the council since 2019, during a witness session held by the Joint Committee on the National Security Strategy. The JCNSS is holding an inquiry into whether the United Kingdom's national security strategy is effectively addressing the threats posed by ransomware. Lanigan told the committee that a minister from central government told her "Whatever it is, we'll meet the cost," although they ultimately failed to do so - costing the council about £7 million - millions in excess of the cash it held in reserve. The attack on Redcar and Cleveland Council struck in January 2020, just as the COVID-19 pandemic was beginning and the resources of local authorities throughout the United Kingdom would be put under enormous pressure. The borough, in North Yorkshire on England's east coast, has a population of just over 130,000 and is among the more deprived areas of the country. Children and adult services - everything had been wiped out completely, described Lanigan. So you can imagine any reports coming in from members of the public regarding children and services and things like that. It was devastating. Lanigan added that the attack not only locked up the council's records, but shut down their access to telephone lines, email, computers, printers and other electronic devices. We couldn't even take in payments for [business] rates or for any bills, she said. We were advised not to go into a great deal of depth about what had happened. The public knew that we'd been hit with a ransom attack, but not how serious that was - it was catastrophic, not just for the council but for the residents and the people that we serve across the board, said Lanigan. GCHQ staff slept in council building to get Childrens Services running. The council leader credited staff at the National Cyber Security Centre, a part of GCHQ, with helping the council prioritize getting its Childrens Services back up and running as quickly as possible. Those specialists, alongside the council's own IT staff, were actually staying in the building, we actually put beds in for them in order to see how quickly we could do that [recovery] and move that forward. We were fortunate - maybe not fortunate, GCHQ are experts in their field - and they got as quickly as they could. That could have impacted on foster carers and what was happening and we were lucky in that regard. But it was due to GCHQ that we got that section up first, she added. Although some services were operating within weeks, in total it took the council more than eight months to be functioning again - a period during which the United Kingdom had gone into lockdown and council revenues and services faced additional challenges. Aside from the engagement from the cyber response teams, Redcar and Cleveland Borough Council found that although we informed central government that we were under attack, we were left to our own devices for the first week or so. We had to ring private security. Central government left us. I have the paperwork here, the council leader told the committee. What I was getting from central government was "don't say anything," which made it very difficult - although my cabinet knew what was going on - and it seemed that we had to keep it really tight, said Lanigan. And maybe because of security, I absolutely understand that, but then in hindsight it caused us a lot of issues because we couldn't actually go out there and say this is what's happened. A government spokesperson had not responded to The Record's questions as of publication. No idea why Conti provided the decryption key. Alongside Lanigan, the JCNSS heard from John Ward, the interim Chief Technology and Transformation Officer at the Republic of Ireland's Health Service Executive, about the attack which crippled the country's national health service in May 2021. Ward said that going public was a major benefit for the HSE's response. While the attacker posted a ransom note, the HSE and the Irish government confirmed on the day of the attack that we would not engage to pay a ransom to the attacker either directly or through a third party,

This Cyber News was published on therecord.media. Publication date: Tue, 31 Jan 2023 14:25:02 +0000


Cyber News related to British Government Minister Told Council to Keep Quiet After Ransomware Attack

British Government Minister Told Council to Keep Quiet After Ransomware Attack - An unnamed British government minister told the leader of Redcar and Cleveland Borough Council to keep quiet about the impact of a catastrophic ransomware attack two years ago, a parliamentary committee was told on Monday. The pressure from central ...
1 year ago Therecord.media
English council spent £1.1 million recovering from ransomware attack - Gloucester City Council in the West Midlands of England was forced to spend more than £1.1 million to recover from a ransomware attack in December 2021, according to the published agenda of a council meeting that took place on Monday. The meeting ...
11 months ago Therecord.media
Rhysida ransomware gang claims British Library cyberattack - The Rhysida ransomware gang has claimed responsibility for a cyberattack on the British Library in October, which has caused a major ongoing IT outage. Rhysida is auctioning off the data it reportedly stole from the United Kingdom's national library ...
11 months ago Bleepingcomputer.com
Suspected ransomware attack hits Scottish council - Public services across the Na h-Eileanan Siar - the Outer Hebrides - in Scotland continue to be disrupted following a suspected ransomware attack on the IT systems of the local council, Comhairle nan Eilean Siar. "Writing on X, the website formerly ...
11 months ago Computerweekly.com
'Sex life data' stolen from UK government among record number of ransomware attacks - Data on the sex lives of up to 10,000 people was stolen from a British government department in one of the record number of ransomware attacks to have hit Westminster in the first half of this year. It is not known which department the information ...
11 months ago Therecord.media
British Library: Ongoing outage caused by ransomware attack - The British Library confirmed that a ransomware attack is behind a major outage that is still affecting services across several locations. Over 11 million visitors use the library's website annually, with more than 16,000 people using its collections ...
11 months ago Bleepingcomputer.com
Ransomware takes British Library goes offline - When the British Library was infected with ransomware, few could have predicted how damaging the attack would be. A month later, the Library's IT systems are still offline - and now hackers are threatening to sell stolen personal data too. On 31st ...
10 months ago Pandasecurity.com
Waiting for the BlackCat rebrand - We saw another ransomware operation shut down this week after first getting breached by law enforcement and then targeting critical infrastructure, putting them further in the spotlight of the US government. While the Tor onion domain seizure was a ...
8 months ago Bleepingcomputer.com
Hive Ransomware: A Detailed Analysis - This past week, on January 26th, to be exact, the FBI successfully shut down the Hive ransomware group and saved victims over a hundred million dollars in ransom payments and remediation costs. As ransomware continues to be a national security threat ...
1 year ago Heimdalsecurity.com
Dozens of countries will pledge to stop paying ransomware gangs - An alliance of 40 countries will sign a pledge during the third annual International Counter-Ransomware Initiative summit in Washington, D.C., to stop paying ransoms demanded by cybercriminal groups. Addressing reporters on Monday, Anne Neuberger, ...
11 months ago Bleepingcomputer.com
British Library hailed by UK cyber agency for its response to ransomware attack - The British Library - the national library of the United Kingdom and an archive of millions of books and manuscripts - was hit by an initially unspecified attack last October, although internally the cause was known to be ransomware. The nature of ...
7 months ago Therecord.media
The Week in Ransomware - This week was pretty quiet on the ransomware front, with most of the attention on the seizure of the BreachForums data theft forum. That does not mean there was nothing of interest released this week about ransomware. A report by CISA said that the ...
5 months ago Bleepingcomputer.com
The Top 10 Ransomware Groups of 2023 - This article takes an in-depth look at the rise in ransomware attacks over the past year and the criminal groups driving the surge in cyber extortion. LockBit has established itself as one of the most notorious ransomware operations since emerging on ...
9 months ago Securityboulevard.com
Lawmakers: Ban TikTok to Stop Election Misinformation! Same Lawmakers: Restrict How Government Addresses Election Misinformation! - In a case being heard Monday at the Supreme Court, 45 Washington lawmakers have argued that government communications with social media sites about possible election interference misinformation are illegal. Just this week the vast majority of those ...
7 months ago Eff.org
Ransomware Roundup - The Ransomware Roundup report aims to provide readers with brief insights into the evolving ransomware landscape and the Fortinet solutions that protect against those variants. This edition of the Ransomware Roundup covers the 8base ransomware. 8base ...
10 months ago Feeds.fortinet.com
Medusa Ransomware Turning Your Files into Stone - Unit 42 Threat Intelligence analysts have noticed an escalation in Medusa ransomware activities and a shift in tactics toward extortion, characterized by the introduction in early 2023 of their dedicated leak site called the Medusa Blog. The Unit 42 ...
9 months ago Unit42.paloaltonetworks.com
The Week in Ransomware - An international law enforcement operation claims to have dismantled a ransomware affiliate operation in Ukraine, which was responsible for attacks on organizations in 71 countries. The threat actors are said to be affiliates of numerous ransomware ...
11 months ago Bleepingcomputer.com
The Week in Ransomware - Governments struck back this week against members of ransomware operations, imposing sanctions on one threat actor and sentencing another to prison. On Tuesday, the Australian, US, and UK governments announced sanctions against Aleksandr Gennadievich ...
9 months ago Bleepingcomputer.com
Frameworks, Guidelines & Bounties Alone Won't Defeat Ransomware - COMMENTARY. The US government is ramping up efforts to stem the increasingly disruptive scourge of ransomware attacks. The State Department recently offered up to $15 million for information on LockBit, and $10 million for information on the ...
6 months ago Darkreading.com
British Library: Finances are healthy amid cyber rebuild The Register - The British Library is denying reports suggesting the recovery costs for its 2023 ransomware attack may reach highs of nearly $9 million as work to restore services remains ongoing. Reports at the weekend suggested the ransomware recovery costs were ...
10 months ago Go.theregister.com
British Library: Finances are healthy amid cyber rebuild The Register - The British Library is denying reports suggesting the recovery costs for its 2023 ransomware attack may reach highs of nearly $9 million as work to restore services remains ongoing. Reports at the weekend suggested the ransomware recovery costs were ...
10 months ago Packetstormsecurity.com
Indonesia's communications minister faces pressure to resign following cyberattack - Indonesia's communications and informatics minister, Budi Arie Setiadi, is facing public pressure to resign following a large-scale ransomware attack on the country's national data center that disrupted over 200 institutions, including government ...
4 months ago Therecord.media
Apple alert: India opposition says government tried to hack phones - Some Indian opposition leaders have accused the government of trying to hack into their phones after receiving warning messages from Apple. Apple's alert said it believed the recipient was "Being targeted by state-sponsored attackers". He added that ...
11 months ago Bbc.com
Ransomware trends and recovery strategies companies should know - Ransomware attacks can have severe consequences, causing financial losses, reputational damage, and operational disruptions. The methods used to deliver ransomware vary, including phishing emails, malicious websites, and exploiting vulnerabilities in ...
10 months ago Helpnetsecurity.com
Targeting homeowners' data - As these companies obtain a large amount of sensitive information from their customers, they become attractive targets for ransomware gangs to conduct double-extortion attacks. Finland is also warning of Akira ransomware increasingly targeting ...
9 months ago Bleepingcomputer.com

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)