Hackers hack Hackney: Local government cries 'cyberattack' while UK infosec officials rush to figure out what happened
Check bank accounts, don't open council emails, you know how this goes
Hackney Council in East London has declared that it was hit by a "cyberattack" – but both the authority and officials from the National Cyber Security Centre (NCSC) remain tight-lipped about what actually happened.
In a statement published on the council website this morning, local mayor Philip Glanville said: "Hackney Council has been the target of a serious cyberattack, which is affecting many of our services and IT systems."
Worryingly for the public, neither the council nor the NCSC appears to be in control of said "cyberattack". Officials refused to answer The Register's questions this morning about it or even to say what the nature of the "attack" was.
The council website said that residents "may experience difficulty" accessing its One Account and online payments systems. Nonetheless, prudent users should avoid entering payment card or bank account details into Hackney Council's website until officials get the attack under control and confirm it has been halted.
Although Hackney Council's payments pages appear to be hosted on gov.uk, a Cabinet Office spokesman said the Government Digital Service's flagship project hadn't been affected by the "cyberattack."
Concerned locals and businesses should check their online bank balances immediately and flag up any suspicious transactions with bank staff. In light of the lack of any further information at all, it is wise to change any username and password combinations reused on other websites as well as Hackney Council's.
In the absence of any further information, do not open emails appearing to come from the council, click links in emails from the council, or open attachments to emails appearing to come from people connected to the council.
Glanville added in his canned statement: "Council officers have been working closely with the National Cyber Security Centre, external experts and the Ministry of Housing, Communities and Local Government to investigate and understand the impact of the incident."
A council spokesman referred our enquiries to the National Cyber Security Centre.
NCSC's spokesman also said nix, nada, zilch, though he did ask whether we had read the NCSC website. That features two whole sentences about the Hackney hacking, which we reproduce here:
We are aware of an incident affecting Hackney Borough Council. The NCSC is supporting the organisation and working with partners to understand the impact of this incident.
Jake Moore, a cybersecurity specialist at Slovakian infosec firm ESET, said what everyone tends to assume whenever an organisation starts wailing about a "cyberattack" having struck: "This bears all the hallmarks of a ransomware attack."
He continued: "What we should be worried about is the new direction that threat actors are taking these days, where they not only encrypt the data but they threaten to release it too. Councils which may lack funding, and consequently may not have the strongest network protection, can be an easy target for those looking for vulnerabilities to exploit."
Ransomware gangs tend to target local government organisations in the US, though targeting Brit councils is not unheard of. Back in June, a public sector company called Commercial Services Group, a wholly owned subsidiary of Kent County Council, faced a ransomware demand for 102 Bitcoins. ®