A cyber-attack on Redcar & Cleveland Borough Council earlier this year has reportedly cost around £10m in recovery costs.
The attack, which took place in February, caused online public services to be unavailable for 135,000 locals for over a week. According to Teesside live, the local authority stated a figure of £10.4m in a budget update report provided to members of its cabinet.
Specifically, costs required for infrastructure and system recovery or replacement cost £2.4m, while the cost to individual council directorates was the worst hit, and accounted for £3.4m. There was also a cost impact of just under £1m as a result of a reduction in enforcement income and lower collection levels for both council tax and business rates towards the end of the 2019/20 financial year, caused by computer systems being out of action for a period.
The report also claimed the council acted quickly and effectively, working extremely hard to mitigate the effects on key services and most vulnerable residents, whilst it “permeated almost all functions of the council and the required response and consequential impact had an inevitable bearing on its finances.”
Whilst the council had industry standard tools deployed to secure its computer network at the time of the attack, which it said had been configured to provide optimum protection, it has since made additional improvements to its cyber-defenses, with further upgrades planned.
“We are also on the list of pilot authorities to enroll on a National Cyber Security Center (NCSC) scheme which will provide threat intelligence information exchange between the council and NCSC,” the report said. “The result of all of this is that the council’s cyber-defenses will be far more advanced than most peers in local government.”
Jake Moore, cybersecurity specialist at ESET, said that even though this was not confirmed to be ransomware, it is a persistent threat to businesses and organizations of all sizes, “yet some forget the importance of securing systems and protecting data from the inevitability of an attack.”
He added: “Regardless of its simplicity, this malware can cost millions, but when organizations are bailed out from either insurers or government, I fear the ever-needed lesson just won’t sink in. There are multiple ways to reduce the risks of attacks like this, such as cold storage backups and reduced user access – but complacently seems to remain in place for many.
“Despite huge emphasis on cybersecurity, large corporations still fail to secure the perimeter and in failing to do so many lose millions of pounds. It seems it is easier for organizations to find money when they are forced to get back up and running, rather than asking for much less in preparation and prevention.”
Javvad Malik, security awareness advocate at KnowBe4, said: “With most organizations heavily reliant on digital systems, the impact of even a minor incident cannot be underestimated. Ransomware attacks are particularly devastating as they render all systems and data unusable, giving organizations few choices.
“Even if backups are available, there are costs associated with wiping systems, restoring them from backups, reporting to regulators, customers, and partners, and having alternate processes in place.
“It’s therefore more important to have strong and layered security controls in place that can prevent attacks from being successful in the first place, or to be able to quickly detect and respond where they have been able to get into systems. Only then can organizations minimize the economic impact of cyber-attacks to a manageable level.”