12.02.18
ICO forced to take down its website amid cryptocurrency hacker fears
The Information Commissioners Office (ICO) has had to take down its website as a “precautionary measure” against hackers, who have infected hundreds of government computers with a program that mines cryptocurrency.
The Student Loans Company, Scottish NHS helpline, and the websites of both Manchester City Council and Camden Council have been affected by the malware, which is believed to be called Coinhive, and uses other people’s computers to “mine” or generate currency similar to bitcoin.
It is thought the issue was brought about through the website Browsealoud, a website which increases the accessibility of webpages by reading out content to people with vision difficulties.
Rather than mining bitcoin, the most well-known cryptocurrency, the hacking software is being used to generate Monero – a rival currency worth around £180 per unit.
A spokesperson for the ICO said: “We are aware of the issue and are working to resolve it. We have taken our website down as a precautionary measure whilst this is done.”
The office is a non-departmental government body which is sponsored by the Department of Digital, Culture, Media and Sport and is responsible for providing local government organisations with guidance on the upcoming general data protection regulation (GDPR).
The ICO site is still down and it is unclear when services will resume although other affected sites have now returned.
In a statement, the National Cyber Security Centre (NCSC), said it was investigating the incident but that there was no immediate risk to the public.
“NCSC technical experts are examining data involving incidents of malware being used to illegally mine cryptocurrency,” a spokesperson said.
“The affected service has been taken offline, largely mitigating the issue. Government websites continue to operate securely.
“At this stage there is nothing to suggest that members of the public are at risk.”
TextHelp, which runs the Browsealoud service, is believed to have enacted its cyber-attack action plan after the incident, and is now consulting with an independent agency about a review of its security.
The attack is the second major malware outbreak on public sector networks in recent years after the ‘WannaCry’ incident early last year.
Rather than focusing on cryptocurrency, the earlier incident saw many NHS trusts targeted, with software shutting down individual terminals and demanding a specific sum of money to restore access.
Top image: scyther5
Have you got a story to tell? Would you like to become a PSE columnist? If so, click here.