Leicester City Council is currently facing significant disruptions to its IT systems and essential service phone lines following what it describes as a "cyber incident." The council initially reported issues across its services on March 7 and swiftly took several systems offline, attributing the outages to the aforementioned incident.
View WhitepaperIn a series of events, Leicester City Council is currently dealing with the aftermath of a cyber incident that has caused chaos, in its IT systems and essential service phone lines since March 7. Initially, the council hinted at service disruptions on March 7th, in which they officially referred to it as a "cyber incident", sparking concerns and speculation about a possible ransomware involvement.
The vague terminology commonly used by organisations following cybersecurity breaches has left the public in uncertainty with terms like "cyber incident" and "encryption event" being used euphemisms for ransomware attacks. Although Leicester City Council has not confirmed the presence of ransomware officially the seriousness of the situation is implied by their silence regarding the nature of the attack.
Despite attempts by journalists and publishers to inquire about the incident, there has been no response from the council about what has happened specifically. Meanwhile, security experts monitoring the situation closely have observed shutdowns of services at specific points within the council's network infrastructure impacting Citrix NetScaler and Cisco AnyConnect VPN appliances.
The council is working diligently to unravel the complexities of this incident with an aim to restore services by mid-week. Richard Sword, who oversees city developments and neighbourhoods at Leicester City Council shared some insights, about the recovery efforts. He mentioned that they anticipate starting the recovery process by the middle of this week focusing on services first. In response to the chaos emergency measures have been put in place to ensure essential services continue operating.
Special phone numbers have been set up to address important matters like adult safeguarding, child protection, homelessness and housing. However, residents are facing challenges due to the lack of access to forms for reporting concerns or accessing services, leaving them with no choice but to rely on the provided emergency phone numbers.
Eerke Boiten, a cybersecurity expert at De Montfort University Leicester discussed the seriousness of the situation in an interview with BBC Radio Leicester. Boiten mentioned that whilst not all of the details have been disclosed yet, it seems like it's had enough of an impact to disrupt operations in various areas. Despite the uncertainty surrounding the situation Boiten expressed confidence in Leicester City Councils ability to handle the situation, suggesting that any potential harm to data would be dealt with in a professional manner.
He mentioned that Leicester City Council has a track record, in safeguarding information, which gives him some confidence that the impact of the data breach may be limited. As the investigation progresses residents are eager for services to be fully restored and for a picture of how the cyber incident has affected them. The interruption in services has raised concerns about the security of data shared with the council. Boiten provided reassurance by comparing this incident to events at the British Library. He highlighted regulations governing payment data to ensure it is not stored on systems. Is promptly removed.
To ease worries Leicester City Council ended its statement on the incident by pointing out that they are not alone among UK councils facing cyberattacks recently. This strategic move though subject to interpretation holds weight given the frequency of attacks targeting councils over the past year.
Looking at events helps to highlight how susceptible local authorities are to cyber threats. At the start of this year three Kent local councils encountered attacks resulting in prolonged disruptions, to council services. In a vein St. Helens Council faced a suspected attack in August 2023 that took several months to fully resolve mirroring the potential difficulties Leicester City Council could encounter.
Notably regional councils, in Britain were impacted by Capitals mishap involving an AWS bucket on the internet year leading to the exposure of resident's confidential financial information. These incidents highlight the challenges that councils face in protecting data and upholding strong cybersecurity measures.
Given this incident, Leicester City Council's response to the situation maybe be subject to a few complaints. As the city in the Midlands strives to bounce back from the cyber incident questions about information security and the effectiveness of actions within authorities take centre stage.
While efforts are primarily focused on restoring services and managing repercussions this incident serves as a reminder of the rise of cyber attack threats in society today and how important cyber security really is. As events unfold residents, cybersecurity professionals and the general public eagerly anticipate updates from Leicester City Council seeking transparency and a prompt resolution, to this cyber puzzle.
