fbpx
Copyright: Shaun Moore

Many people’s lives in Gloucester were thrown into disarray in December when council services were disrupted by a major cyber attack.

Benefit payments, planning applications, house sales were all delayed after hackers compromised Gloucester City Council’s IT systems.

Six months on and the council is still some way from getting all of its services back to normal. On December 20, council officers became aware that their systems were compromised.

Malware, which is software that is specifically designed to disrupt, damage, or gain unauthorised access to a computer, had made it onto their systems.

The malware is understood to have got in via an email sent by a third party to a council officer and has since been linked by insiders to hackers operating out of Russia.

However, council leaders have so far refused to officially confirm this citing that the cyber attack is subject to a criminal investigation.

The cyber attack is understood to have encrypted large parts of the council’s files and restricted access to them and they have had to rebuild all of their computer servers.

During the early weeks and months after the hack was identified, other local authorities and government agencies blocked emails originating from the city council as a precautionary measure.

Until recently, the council could not process land charge searches which house buyers need to complete a purchase.

People trying to move house over the last six months say they have been in ‘total limbo’ and some were at risk of having mortgage offers rescinded.

The council has set aside £630,000 to fund the recovery work but opposition councillors fear the total cost may be in the millions. They have criticised the council’s lack of insurance to cover cyber attacks.

And one of the big unanswered questions by council leaders is whether or not people’s personal information has been accessed by hackers.

The council was issued with a £100,000 fine after 30,000 emails were downloaded by hacking group Anonymous in 2014.

Liberal Democrat group leader Jeremy Hilton (LD, Kingshom and Wotton) said he is very concerned that the council has not ruled out the possibility that personal information may have been compromised.

“I’m concerned about the time it has taken to recover our systems, it’s far too long. I’m concerned about the potential cost to the taxpayer and also the big unanswered question is about whether personal data has been compromised. We’ve never had a guarantee that it hasn’t”

Labour group leader Terry Pullen (L, Moreland) echoes these concerns. He asked about whether personal data had been compromised in January but he is yet to receive any guarantees.

He said the cyber attack had a major impact on services and there are not many people in Gloucester who have been unaffected by the loss of services.

“Very slowly things are returning to normal but no one expected it to take six months and there is still some way to go yet,” Cllr Pullen said.

“There are still many questions that remain unanswered but I am particularly worried that no one at the council can say what the final cost will be and who will pay for it. One can only assume council tax payers will foot the bill.

“Even more worrying than that, back in January, I asked the cabinet member for performance and resources about whether people’s personal information had been compromised. I was not given a conclusive answer then and have never received any assurances since.

“There are not many people in Gloucester who do not share personal information with the council in one way or another, whether that is by paying council tax, sharing data for election purposes or receiving benefits of some nature.

“People have a right to know if there has been a breach of their personal information and the council has a responsibility to inform them “

No insurance against cyber attacks

Gloucester City Council leaders confirmed earlier this year that the authority was not insured against cyber attacks earlier this year. They decided against insurance after receiving advice from insurance brokers and auditors.

However, since the incident, council managing director Jon McGinty has been discussing with the Local Government Association and insurance providers ways to improve the products on offer on the insurance market for the councils.

He was invited to join a meeting with Zurich and the LGA on June 17 to share learnings from the incident in Gloucester for the benefit of the wider sector.

Speaking at cabinet on June 14, Cllr Hilton said Gloucestershire County Council have been insured for cyber recovery for several years.

He said: “The current policy requires a number of conditions to meet any possible claim and there’s a £50,000 excess.

“I’m just wondering that in view of the fact that we put £630,000 aside for the recovery, if we had insurance maybe we wouldn’t have had to put so much money aside.

“But also, I wonder if having insurance policies requiring certain securities within the systems would make us less vulnerable to a cyber attack.”

Council leader Richard Cook (C, Kingsway) said the policy the county council has would not have covered costs the city council has incurred in rebuilding its systems.

“We would have still incurred the same sort of costs even if we had the same policy. However, the managing director is approaching a self-insuring system through the LGA and maybe that’s a better way of insuring ourselves for the future.”

Since the cyber attack, people have not been able to access the council’s plannign portal online. This has meant people have had to resubmit their objections to planning applications and historic plans are not available to access.

Council leader Cook says the system is close to being restored but cannot give a definite date for when it will be reinstated.

Cllr Hilton asked if everything would be up and running by July 30 as he understood the systems had been rebuilt but were undergoing some final tests.

He said: “Six months is really too long to have the system down. We do know it has caused problems.

“You can’t read objections made by other people on a particular planning application.

“We can’t search back to see the history of a plan and things like the Hill Farm application was delayed and now we have an appeal against us because we were able to determine it due to the cyber attack.

“And those of us who objected to the original application have had to send to the inspector the objections to the planning application. It’s really important that the planning portal is up and running as soon as possible.”

Cllr Cook apologised to all those affected and said officers are working on bringing the system online as soon as possible. He said Hackney Council suffered a cyber attack in October 2020 and have still not recovered all of their systems.

“They are still working on it. I know our officers are working on it as fast as they possibly can. It does depend on how well the testing goes. I can’t make any dates because I can’t read the future.”

Electoral register problems

Cllr Hilton also raised concerns last week about the impact the cyber attack has had on the electoral register.

He said a resident had contacted him about registering to vote on the electoral register and the problems the council was having because of the cyber attack.

“He is particularly worried because he moved in in February and is unable to get his name on the electoral register. We need to get this sorted as soon as possible.”

He asked if the council kept paper copies of all the signed forms submitted by people who register for a postal vote. Cllr Hilton asked: “Surely we kept all the signed forms so that we could check if there was a by-election or a snap general election?”

Managing director Jon McGinty said the council is planning to write to all registered postal voters about the issue.

“We don’t keep paper copies beyond a certain date. We destroy them once the details have been scanned,” he said.

“All the signatures and documentation are scanned to our electoral registration system and then we destroy the paper originals for very sensible data protection reasons. When people put in their postal votes in an election.

“There is software that matches the signature against the ones stored in the images on the system.

“There will be a few thousand paper documents of recent applications but it’s a very small proportion of the total number of postal vote registration. With most of those the original documents have been destroyed.”

By Carmelo Garcia – Local Democracy Reporter

Gloucester News Centre – http://gloucesternewscentre.co.uk

Disruption lingers six months after hackers targeted council by | Gloucester News Centre - http://gloucesternewscentre.co.uk/