Perth and Kinross Council fighting off monthly cyber attacks
HACKERS are trying a million times a month to break into a Scottish council's computers, according to a shock report.
Perth and Kinross Council is under “targeted and repeated criminal cyber attack”, according to a detailed document circulated to elected members by council bosses.
John Walker, deputy chief executive of Perth and Kinross Council, says at least three other local authorities in Scotland -- not named in the document -- are facing similar levels of threat.
Specific attacks include repeated incidents of “spear phishing”, a sophisticated tweak on standard information “phishing”, in which the council was specifically targeted to gain access to sensitive data, and “ransomware” attacks, where criminals install viruses which encrypt data and will release it only on payment of a ransom.
Mr Walker said as well as criminals, local authorities were also considered to be targets for foreign national intelligence services.
Analysing the problem for just one month, in November 2015, Mr Walker’s report reveals that Perth and Kinross Council, which has more than 6000 employees, received 7,190 emails containing viruses, 774 viruses were found already on the network, and 1,066,909 “malicious connection attempts”, were successfully blocked.
So far, the council’s firewalls have stood up, with no reported compromise of its computer system, but the council has also been subjected to “sophisticated and targeted” spam, according to Mr Walker.
In his report, he states: “The council network must continuously evolve with the threats in order to remain secure.
“The council’s security posture is robust in many areas but has areas for improvement, particularly [in] protective monitoring and user-awareness.
“Attacks are generally unsophisticated and indiscriminate, such as spam, phishing emails, email viruses and probing scams.
“However, the council has been subjected to increasingly sophisticated and targeted spam -- referred to as “spear phishing” -- where emails are specifically designed to target the local authority.
Mr Walker said employees usually recognise the “spear phishing” attempts as suspicious and deleted or reported them.
He states that local authorities are also considered to be targets for foreign national intelligence services.
His report to councillors adds: “Information relating to these threats is limited for reasons of national security.”
He revealed that four Scottish councils have recently been subjected to a “ransomware” attack, including Perth and Kinross.