The UK’s local authorities have an immense responsibility for the provision of services and the safe custody of data – all of which are reliant on IT systems. They carry the burden of this responsibility individually, with limited resources and budgets.
When you consider the number of local authorities across the UK, the scale of the challenges they face becomes apparent. In England alone, there are 318 councils, with a further 32 in Scotland and 11 in Northern Ireland. In Wales, where local governance is carried out at much smaller community levels, there are over 730 councils.
Like the private sector and other organisations, local authorities face constant cybersecurity challenges, with ransomware being one of the most prevalent. According to a recent article in Computer Weekly, local authorities across the UK face an average of 10,000 attempted cyber-attacks per day. Of course, the vast majority of these are thwarted, but it only takes one successful attack to cause immense damage.
A case in point
In January 2020, at a time when local authorities were beginning to deal with the huge challenges associated with the onset of the pandemic, England’s Redcar and Cleveland Council fell victim to a catastrophic ransomware attack. The attack severely affected IT systems and phones, and its effects were felt for the following eight months, necessitating a return to pen and paper in the immediate aftermath to ensure the delivery of services. Among other things, it was necessary to rebuild the council’s website, with the attack costing more than £7 million in total. It prompted an investigation by the National Crime Agency and the National Cyber Security Centre and caused such concern for local authorities and central government that it became the subject of a parliamentary inquiry.
Understanding the risk that local authorities face
Among local authorities across the UK, there has been a widespread understanding that the Redcar and Cleveland Council ransomware attack could happen to any one of them, resulting in a redoubling of efforts to ensure robust cyber defences. However, in some cases, there may not be an adequate appreciation of the potential vulnerabilities in IT environments, which is resulting in increased risk.
Despite the best efforts of local authorities to ensure all staff undergo cyber awareness training, threats, primarily posed by attempted phishing attacks, remain prevalent, accounting for as much as 75% of attempted attacks in local government environments.
Trusting in an inadequate security blanket
Microsoft 365 is an excellent and widely used platform, whose popularity has grown among local authorities. For many, it’s a major data repository through Microsoft SharePoint and an important communications hub through Microsoft Teams. Unfortunately, it’s also the most common gateway for phishing-related ransomware attacks within local government.
While it’s undoubtedly a great platform, the fact that Microsoft has long data retention policies can give users a false sense of security, with some believing that it makes the need to back up data redundant. This is incorrect and is in fact a false security blanket. Data retention and backup are completely different things. Yes, if data is deleted, it can probably be retrieved through Microsoft 365. However, if data is infected or overwritten, having a third-party backup offers the only way to resolve the issue. Users are often surprised to learn that Microsoft itself recommends having a third-party data backup solution.
A best-practice approach for local authorities to eliminate the possibility of data loss from ransomware attacks and other potential risks is to have local data backups, supplemented with the services of an outsourced immutable data backup provider who can guarantee disaster recovery and the rapid restoration of encrypted data to minimise disruption.
For many local authorities, outsourcing disaster recovery functions to a specialist third-party provider can also be very cost-effective, as it eases the pressure on stretched IT staff, allowing them to focus on other priorities. It can also lower the cost of cyber insurance.
Considerations for local authorities when selecting an immutable backup provider
There’s a growing acceptance of the importance of immutable backups at the IT leadership level within UK local authorities, but deciding on a course of action often presents challenges. It’s important to select a partner that understands the specific needs of local government and their working environments. It’s also important to work with a partner who can offer a backup platform that was built from the ground up with immutability in mind. Assured Data Protection are experts in the provision of services to the public sector. We work closely with data security specialists Rubrik to guarantee rapid restore of data and operations, helping to avert a ransomware-related crisis for local authorities.