Ouch: Brit council still staggering weeks after ransomware bit its PCs

'Unable to process planning applications and land searches'

Copeland Borough Council statement

Copeland Borough Council was recently the victim of a vicious national, and possibly international cyberattack. This malicious and random professional attack has infiltrated our IT network causing major internal disruption. In order to prevent further spread of the attack, the Council has had to switch off its network whilst the extent and severity is understood, and further damage and risk prevented.

As a consequence, all of the Council’s systems are not currently operating, although some hosted on servers held offsite are enabling the payment of benefits in accordance with the Council’s Business Continuity Plan. And waste collections continue to operate although missed bin collections may be affected.

This attack has affected the majority of our services and we are aware some residents and businesses are experiencing the adverse effects of our current situation. For this, we offer our most sincere apologies. For example, currently we are unable to process planning applications and land searches and we acknowledge that this may cause a delay in those wishing to sell and purchase properties, as well as those wishing to submit applications.

Other services have been impacted including our customer service team, meaning that some customers are experiencing a delay in calls being answered. We are aware that access to our website is also currently intermittent and we are taking every possible measure to ensure this issue is resolved without delay.

We would like to assure our residents that we have assembled an expert team to support the recovery from this attack from a range of partner and specialist agencies, including cyber experts from the constabulary. This cyberattack is a criminal offence and both the police and national cyber security council are working with us and other affected parties.

The team at Copeland are working around the clock to support the recovery and to keep services functioning where it is possible to do so. We would like to thank our staff and residents for their patience and understanding during this incredibly difficult time.

We ask kindly that our residents direct any queries through our email system which is functional – unless their enquiry is urgent, in which case they can call our customer service team. Although our email system is fully functional, as it is part of a cloud-based system and not connected to our network, therefore council emails do not pose a risk to your systems.

However, we would also ask that residents and customers be cautious when opening emails appearing to have invoices attached from council officers. These are cyberattack generated and often include the subject line of ‘new invoice or invoice number’ followed by a series of numbers and symbols. These are not legitimate council emails – if in doubt, do not open it.

Finally, we want to assure you that we are doing everything in our power to resume full service availability in the near future, but disruption to services is likely to continue whilst we both restore our systems and address the work load that has accumulated during the system down time.

Similar topics

Broader topics

Narrower topics

Other stories you might like

  • Emotet malware gang re-emerges with Chrome-based credit card heistware
    Crimeware groups are re-inventing themselves

    The criminals behind the Emotet botnet – which rose to fame as a banking trojan before evolving into spamming and malware delivery – are now using it to target credit card information stored in the Chrome web browser.

    Once the data – including the user's name, the card's numbers and expiration information – is exfiltrated, the malware will send it to command-and-control (C2) servers that are different than the one that the card stealer module uses, according to researchers with cybersecurity vendor Proofpoint's Threat Insight team.

    The new card information module is the latest illustration of Emotet's Lazarus-like return. It's been more than a year since Europol and law enforcement from countries including the United States, the UK and Ukraine tore down the Emotet actors' infrastructure in January 2021 and – they hoped – put the malware threat to rest.

    Continue reading
  • Even Russia's Evil Corp now favors software-as-a-service
    Albeit to avoid US sanctions hitting it in the wallet

    The Russian-based Evil Corp is jumping from one malware strain to another in hopes of evading sanctions placed on it by the US government in 2019.

    You might be wondering why cyberextortionists in the Land of Putin give a bit flip about US sanctions: as we understand it, the sanctions mean anyone doing business with or handling transactions for gang will face the wrath of Uncle Sam. Evil Corp is therefore radioactive, few will want to interact with it, and the group has to shift its appearance and operations to keep its income flowing.

    As such, Evil Corp – which made its bones targeting the financial sector with the Dridex malware it developed – is now using off-the-shelf ransomware, most recently the LockBit ransomware-as-a-service, to cover its tracks and make it easier to get the ransoms they demand from victims paid, according to a report this week out of Mandiant.

    Continue reading
  • We're now truly in the era of ransomware as pure extortion without the encryption
    Why screw around with cryptography and keys when just stealing the info is good enough

    Feature US and European cops, prosecutors, and NGOs recently convened a two-day workshop in the Hague to discuss how to respond to the growing scourge of ransomware.

    "Only by working together with key law enforcement and prosecutorial partners in the EU can we effectively combat the threat that ransomware poses to our society," said US assistant attorney general Kenneth Polite, Jr, in a canned statement.

    Earlier this month, at the annual RSA Conference, this same topic was on cybersecurity professionals' minds – and lips.

    Continue reading

Biting the hand that feeds IT © 1998–2022