The Leading News & Information Service For The Facilities, Workplace & Built Environment Community

Big Brother Watch £19 Million Local Authority Cyber Attacks

20 February 2018 | Updated 06 March 2018
 

Local authorities face £19 million cyber attacks a year, an investigation by a civil liberties campaign group has revealed.

UK councils have been subjected to over 98 million cyber attacks in the past five years, an investigation by Big Brother Watch revealed on Tuesday February 20. The report exposes the extraordinary extent of cyber security threats faced by local authorities – amounting to 37 cyber attacks every minute.

This is all happening whilst those same councils are accumulating growing troves of sensitive and personal information about citizens - the big issue for Big Brother Watch who claim the report uncovers an overwhelming failure of councils to report losses and breaches of data, as well as shortcomings in staff training.

The investigation, conducted using freedom of information requests, reveals that 25 councils experienced a loss or breach of data – but more than half went unreported. Although human error is the main factor in making a hack successful, the investigation found that 3 in 4 local authorities do not provide mandatory cyber security training to staff.

A Big Brother Watch spokesperson said: "These findings raise concerns about the ability and commitment of local authorities to fend against cyber attacks. The report comes at a time when local authorities are collecting more personal information about citizens than ever, making them a growing target for cyber attacks."

 

Key findings

  • 114 (29%) councils experienced at least one cyber security incident that constituted an actual security breach – between 2013 and 2017.

  • There were 376 cyber security incidents in total.

  • 25 councils experienced one or more cyber security incidents that resulted in the loss or breach of data.

  • More than half of councils (56%) who experienced a loss or breach of data did not report it.

  • 297 authorities (75%) do not provide mandatory training in cyber security.

  • 62 (16%) councils do not provide any cyber security training at all.

Jennifer Krueckeberg, Lead Researcher at Big Brother Watch said: “With councils hit by over 19 million cyber attacks every year, one would assume that they would be doing their utmost to protect citizens’ sensitive information. We are shocked to discover that the majority of councils’ data breaches go unreported and that staff often lack basic training in cyber security. Local authorities need to take urgent action and make sure they fulfil their responsibilities to protect citizens.”

 

Privacy Matters

Pat Walshe, Director of data protection consultancy Privacy Matters, said: “The Big Brother Watch report reveals inconsistent approaches to safeguarding personal and sensitive data held by local authorities.  It highlights the pressures faced by local authorities in a world of diminishing resources but increasing demands. It will be important that local authorities receive appropriate support moving forward.”

 

Report definitions

  • A ‘cyber attack’ is defined by the UK’s National Cyber Security Centre as ‘a malicious attempt to damage, disrupt or gain unauthorised access to computer systems, networks or devices, via cyber means'.

  • A ‘cyber security incident’ is defined by the UK’s National Cyber Security Centre as  ‘a breach of a system’s security policy in order to affect its integrity or availability or the unauthorised access or attempted access to a system’

To read the report with the full breakdown of local authorities - Click Here

Image

 

Article written by Brian Shillibeer | Published 20 February 2018

Share



Related Articles

123456 - 23.2 Million Cyber Victims Used This Password

The most hacked passwords have been revealed as a UK cyber survey exposes gaps in online security with global breach analysis finding 23.2 million victims used 123456 as...

 Read Full Article
Working Securely Online – Cyber Hygiene

With more people working on the internet outside of monitored business networks, the risks of compromising company and personal data are increased. Concentration is...

 Read Full Article
Huawei The Lads – Clandestine Chinese Tech Co Gets Partial 5G OK

Restrictions should be placed on the use of high-risk 5G vendors such as Huawei – but that doesn't exclude the Chinese Government owned firm from being...

 Read Full Article
Councils Can Apply For Digital Funding To Boost Services

Councils looking to improve public services through innovative uses of digital technology can apply for funding, Local Government Minister Luke Hall MP has...

 Read Full Article
147 Dead - 2018/19 Fatal Injury Stats Released

July 3 saw the HSE release their annual provisional workplace fatality figures for 2018/19. 147 workers died between April 2018 and March 2019 (a rate of 0.45 per...

 Read Full Article
Learning To Be Tough On Weak Passwords

East Ayrshire Council has blocked weak passwords after an annual audit revealed their 6,000 employees were leaving the organisation open to cyber threat. It was 2017...

 Read Full Article
Malicious Intent Is Biggest Threat to Personal Data

A social media poll has found that sixty-five per cent of respondents believe that humans pose the biggest threat to their personal data rather than cyber...

 Read Full Article
Great British Spring Clean & National High Street Perfect Day

Councils across England will receive a share of £9.75 million to back their efforts to spruce up high streets - and every local authority in England is guaranteed...

 Read Full Article
Attack On Critical National Infrastructure Imminent

Over half of the respondents to a survey have said they believe an attack on critical national infrastructure is imminent. Most respondents also think the convergence...

 Read Full Article
Not Wiping Memory Risks GDPR Fines

Thousands of businesses are risking GDPR penalties for not wiping the memory from old IT equipment, it has been claimed. According to a survey carried out by...

 Read Full Article