Lincolnshire council IT ransomware flingers asked for ... £350

To be paid in Bitcoin, of course

Lincolnshire County Council's IT is back up and running after the council shut everything down last week following a ransomware attack in which the attackers turned out to have asked for a mere £350.

Despite the BBC reporting that the council had been hit by a £1m ransom, a spokesperson told The Register that it had only been asked for $500 (c £350), unsurprisingly to be paid in Bitcoin.

The council has not released the name of the ransomware which hit it, though it continues to claim that it had been hit by a 0-day exploit.

The vulnerability has yet to be disclosed, but the council told The Register it did not believe it had been victim to a targeted attack.

Judith Hetherington-Smith, the Council's chief information officer, told the BBC: "This was what's termed as a zero-day attack, which means when it hit us the security software providers hadn't seen it before."

It would be highly unusual for a non-targeted attack to utilise a 0-day exploit. Due to the nature of spam phishing campaigns, their exploits are usually quickly recognised by security vendors and solutions quickly patched to protect against them.

The council would not pay the ransom for the 300 machines the malware had infected, according to Hetherington-Smith, but she said that, "as of Monday morning, as staff come back to work, we are expecting to be pretty close to normal." ®

Similar topics

Broader topics

Narrower topics

Other stories you might like

Biting the hand that feeds IT © 1998–2022