Hammersmith And Fulham (Parliament Politics Magazine) – Hammersmith & Fulham Council faces 20,000 daily cyberattacks, prompting security measures like anti-phishing and improved firewall rules to protect data.
The 20,000 per day rate is considered to be average for an organization of its size and type, with phishing being one of the primary problems encountered.
This occurs when fake communications are delivered to the victim in an attempt to get personal information or money, whether via social media, email, or other channels.
How are London Councils battling the rising threat of Cyber Attacks?
According to a spokesman for the umbrella organization London Councils, attacks in boroughs in recent years have risen and caused substantial inconvenience and huge expenses.
Recent cases include, for example the ransomware hack of Hackney Council in October 2020, when resident and staff member personal data had been published to the public.
According to a recent study by the Local Democracy Reporting Service (LDRS), the council anticipates spending hundreds of thousands of pounds over what was expected to recover from the attack.
The local government received a warning by the Information Commissioner’s Office (ICO) in July of last year for having “inadequate security and procedures to protect personal data.” The council disapproved of the conclusions.
Last year, a significant cyberattack also affected Transport for London (TfL), forcing it to shut down numerous internet services for several months.
Cllr. Rory Vaughan inquired about the budgeted amount for cyber security for the upcoming year during a meeting of the Hammersmith and Fulham Policy and Oversight Board last week.
According to council papers, more funding is planned for 2025–2026 to enhance cyber security infrastructure and procedures while also providing workers with frequent updates.
The council has set aside £124,000 for its Digital Inclusion Strategy, which includes spending on cyber security and funding initiatives to assist locals in becoming more computer literate.
Referencing instances like the Hackney case, Cllr Vaughan questioned whether the expenditure aims to boost the council’s defenses against cyberattacks and provide citizens with more ease when communicating with the local government online.
A number of cyberattacks have targeted the public sector, including Hackney, the British Library, and Guy’s and St. Thomas’ NHS Foundation Trust, according to Cllr Rowan Ree, Cabinet Member for Finance and Reform.
He said:
“We’re very alive to the threat of this. There are 20,000 attempted cyber attacks on the council every day. That shows the scale of the challenge that we’re facing.”
Cllr. Vaughan also inquired about the training being offered by the local government to prevent phishing and other similar attacks. Councillor Ree admitted that phishing is a serious issue, pointing out that ‘strange emails’ have probably been sent to council members as well as workers in the past year.
He said:
“We have to make sure that everybody who’s in a role where you’re susceptible to get these sorts of emails has got the proper understanding so that they can combat cyber attacks like this.”
A spokesperson for Hammersmith and Fulham Council said:
“We have applied aggressive anti-phishing and anti-spam policies and enhanced firewall rules that block suspicious traffic.”
A London Councils spokesperson said:
“Every London borough is vigilant to the risk of cyberattacks, which can range in severity and impact. In recent years we’ve seen several boroughs across the capital subjected to major attacks, sometimes leading to considerable disruption to services and costs to the boroughs.
All London boroughs invest in cyber security tools and processes to keep their systems safe. We also collaborate to share insights and intelligence about potential threats to maintain the smooth-running of local services.”
What specific measures have been taken by the council to counter these cyberattacks?
Network segmentation, which stops and records anomalous activity within the council’s network, was implemented to stop attackers from switching between servers.
To monitor and react to any suspicious activity in real time, they implemented a controlled security information and event management system (SIEM).
The council implemented new security technologies to improve email security. This enables employees to report any suspicious activity.
