19.10.17
Only six of 33 London councils safe from cyber-attacks
Only six of London’s 33 councils have the appropriate level of cyber protection for emails, it has been revealed.
New figures released this week show that a huge majority of local authorities in the capital are at risk of fake online correspondence.
The fear is that replying to certain malicious emails, which appear to be from the government or other official organisations, could contain links which download malware onto the victim’s system.
In June, the National Cyber Security Centre (NCSC) recommended the introduction of Domain-based Message Authentication, Reporting & Conformance (DMARC) software. This would allow council employees to be certain about the authenticity of messages they receive and reduce the number of cyber incidents.
The NCSC report explained: “What it means for the citizen is that instead of being advised ‘not to open a dodgy looking email’ the ‘dodgy email’ does not arrive.”
The recommendation came before the centre reported this month that it was aware of 590 incidents of ‘significant’ attacks on government networks.
Phishing emails make up more than 90% of all cyber-attacks, but it has been reported that only six local authorities in London have a DMARC protection system.
The coucils who use the system are Hillingdon, Merton, Hounslow, Hammersmith and Fulham, Kensington and Chelsea and Waltham Forest.
“Cyber security is a top issue for the mayor and his new chief digital officer, Theo Blackwell, and the Greater London Authority (GLA) has strong protections in place to ensure that its IT systems are not at risk of phishing attacks,” commented a spokesperson for the GLA.
“City Hall is continuing to work closely with the London Digital Security Centre, a venture that is funded by the mayor, to find ways to improve London’s resilience.”
The revelation comes in the same week that councils across the country called for greater funding for cyber security programmes in the upcoming Autumn Budget.
Local authorities hold information about huge numbers of people, with everyone from local residents, hospital patients and school students as potential victims of data theft.
Cllr Paul Bettison, chairman of the LGA’s Improvement and Innovation Board, spoke of the importance of cyber defence at a time when communication of data between councils and government agencies is becoming increasingly important.
“Protecting personal data successfully from computer hackers looking to exploit private information for criminal purposes in an increasingly digitised world is a top priority for councils,” said Bettison.
“However, as local authorities work even more with partners on national initiatives - such as the integration of health and social care, children’s services and welfare reform programmes - councils need to share more sensitive and personal information with organisations including hospitals, GPs, care homes, schools, academies, police and probationary services.
“For this reason, councils need to ensure confidential information is protected as securely as possible from the rising number of cyber-attacks which can bring businesses to their knees, by putting their IT services out of action for days and compromising personal data.”
Top image: scyther5
Have you got a story to tell? Would you like to become a PSE columnist? If so, click here.