Under attack: hackers target Hampshire councils and NHS in cyber attacks
HACKERS purporting to support the dead former Iraqi president Saddam Hussein defaced a council website, in one of a string of attacks on the public sector.
The News and its sister papers asked councils, health trusts and universities across the country how many cyber attacks they suffered and which systems were targeted.
Criminal breached security defences more than 400 times in the last three years nationally, Johnston Press Investigations has found.
A senior councillor has warned of dire consequences if sensitive data is accessed while an MP said hackers attack ‘every single hour’.
The University of Portsmouth suffered a ransomware attack, where computer files were encrypted and a demand for payment was made to the institution.
A ‘small number of machines’ were encrypted but the demand was not met by the university, and the data was restored via a backup.
A university spokeswoman said ‘robust measures’ were in place to protect its systems, adding: ‘Our technology and procedures evolve continuously to address these threats.
‘A small number of machines were affected and we have countermeasures in place to avoid data loss.
‘The university employs a combination of technology, procedures and vigorous staff training to counter cyber threats.’
Meanwhile, Portsmouth City Council said it suffered more than 137,000 attempted attacks so far this year – in line with councils across England. Of these, 87 per cent was spam and 13 per cent was malware. The authority said none was successful. Southampton suffered two ransomware attacks in 2016/17.
Two web pages run by Hampshire County Council were twice defaced by the Moroccan Islamic Union-Mail, a group taking aim at dozens of websites.
Responding to the findings, Portsmouth North MP Penny Mordaunt said the threat posed is ‘concerning’.
Ms Mordaunt said: ‘The growing threat of cyber crime is concerning. Businesses or public organisations have thousands of attempts to hack into their systems or cause them harm every single hour.
‘There has been a massive focus on this both in the public sector but also in the new national cyber centre which will help organisations protect themselves.’
Councils are near-constantly under attack by automated systems probing their networks looking for any weaknesses.
Huge amounts of data kept by local authorities is at risk, including sensitive adoption and adult social service records.
The county council’s two website defacements were in 2015/16 and 2016/17. No data was taken.
While the authority refused to say who was behind the attack, monitoring website Zone-H reported Moroccan Islamic Union-Mail was responsible.
The image put on a county council website on April 18 this year, pictured, said: ‘Moroccan Union Islamic-Mail. It’s time to remind the British government.
‘What they did with Saddam Hussein in the past is unforgettable.
‘And we are ready to sacrifice with everything as not to give up Iraq.
‘Stay alert for the coming.’
Hampshire County Council said one incident was reported to the police and National Cyber Security Centre but no data was compromised.
One page gave domestic abuse support and the other was a shop.
Council leader, Councillor Roy Perry, said: ‘The county council adheres to best practice for information security and is regularly audited by national and international accreditation bodies.
‘In both of these previous cases, a public-facing webpage was temporarily compromised by exploiting a vulnerability on the webpage.
‘No data was accessed or stolen. One of the websites has since been shut down.’
The incident was reported to the National Cyber Security Centre.
Dr Ian Levy, technical director for the NCSC, said: ‘The public sector faces many cyber attacks of various types every month.
‘There is no system in the world that is completely invulnerable, but we work with our partners to make systems as secure as is practicable.’
Chris Ward, director of finance and information services for the city council, said: ‘There are so many unsuccessful attempts that it would not be practical to constantly inform police.
‘There are established procedures to follow if the council did become a victim of a successful attack.’
Mr Ward added: ‘We have a range of technical tools to protect our systems, including anti-virus, anti-malware and anti-spam software.
‘These are robust and effective and are constantly under review to meet the challenges of the rapidly changing nature of the threats.
‘We use firewalls, filtering and scanning, and carry out annual penetration tests to highlight areas of risk. We also make sure staff are trained and aware of the threats out there.’
Gosport Borough Council, East Hampshire District Council and Havant Borough Council suffered no attacks.
Fareham refused to confirm or deny any information.