‘No indication’ of data extraction, says Western Isles council following cyberattack
A forensic investigation into a cyberattack on Western Isles council has revealed there is ‘no indication’ of any data extraction by hackers.
Interim results of a probe into the breach of Comhairle nan Eilean Siar’s IT systems has established that data stored on operational and backup servers ‘cannot be accessed’.
The investigative team led by Police Scotland, the National Cyber Security Centre and Scottish Government – alongside the Comhairle’s IT team – has been able to access the Comhairle’s servers but has not been able to access the stored data.
Comhairle nan Eilean Siar said it will ‘continue to engage with and seek advice from expert organisations to monitor and mitigate the impact of this incident’.
The ‘criminal cyber incident’, thought to be a ransomware attack, occurred on November 7, and has brought down the council’s website and internal IT systems. Key services – as well as benefits payments and payments to creditors – have since been disrupted and a temporary website remains in place.
Ransomware is malware that infects a computer usually by clicking on a malicious link or attachment. It then spreads across a network, encrypting data so it cannot be accessed by the owners.
Ransomware gangs, many of which originate from Russia, then issue a ransom ‘note’ demanding payment in untraceable cryptocurrency, such as Bitcoin. They usually calibrate their demands based on the turnover of the host organisation.
They try to force victims to pay by threatening to reveal their data publicly on the ‘dark web’, a part of the internet accessible only by using specialist browsers.
However, Comhairle nan Eilean Siar said there is currently ‘no indication that any data has been extracted from the server or published’. It said it will communicate with those impacted ‘if this situation changes’.
It identified two priories: to identify any information extracted from the server and inform those impacted and to rebuild operations and ensure the continued delivery of services to those in our community that need them most.
Malcolm Burr, chief executive of Comhairle nan Eilean Siar, said: “The Comhairle has been the victim of a cybercrime which has caused significant damage and is having an impact on the delivery of many of our key services.
“Our priority is always the people of the Western Isles, and we will continue to work to ensure that the impact of this crime on everyone is lessened.
“This incident once again demonstrates the vulnerability of all public bodies to the growing threat of cyberattacks.”