Child protection among critical services affected by cyberattack on English council

Leicester City Council has announced that several of the local authority’s critical services are going to be unavailable until at least the middle of this week following a cyberattack.

The council shut down its IT systems as a precaution last Thursday while an unspecified cyber incident was being investigated.

After working over the weekend, the council announced on Monday that the incident was an attack and that “it will take until at least the middle of the week before we will be able to start the recovery process, beginning with our most critical services.”

The council has published several emergency numbers on its website for the affected services, including child protection, adult social care safeguarding, and homelessness.

Richard Sword, Leicester City Council’s strategic director of city developments and neighborhoods, said work is ongoing with “cyber security and law enforcement partners” and that Leicester is “learning from other councils who have had attacks, to identify the nature of the incident and the steps we need to take to get our systems back online.”

He added: “We apologise for the inconvenience this is causing. Council officers are working hard to ensure that our frontline services continue to operate with the minimum of disruption.”

Disruptive cyberattacks affecting local authorities have surged according to the most recent data security incident trends released by the Information Commissioner’s Office, with 67 ransomware attacks recorded in the first three quarters of 2023 compared to 13 during the whole of 2022.

An attack affecting Redcar and Cleveland Council in January 2020 had such an impact on the authority’s Children’s Services — which could have disrupted children going into foster care — that staff from the National Cyber Security Centre (NCSC) were forced to actually sleep in the council building to help recover the systems.

“We actually put beds in for them in order to see how quickly we could do that and move that forward,” the council’s then leader Mary Lanigan told a parliamentary inquiry last year.

Lanigan said she had been pressured by an unnamed government minister “not to go into a great deal of depth about what had happened,” in the wake of the attack — advice she said caused the council “a lot of issues.”

Leicester City Council has not confirmed that the incident is a ransomware attack. Beyond the emergency numbers provided, it has also not indicated the extent of the attack’s impact.

An NCSC spokesperson said: “We are supporting Leicester City Council to fully understand the impact of an incident.”

The incident comes as the British government is accused by a parliamentary committee of taking the “ostrich strategy” by burying its head in the sand over the “large and imminent” national cyber threat posed by ransomware.

Dame Margaret Beckett MP, the chair of the Joint Committee on the National Security Strategy, said it has become “ever clearer that Government does not know the extent or costs of cyberattacks across the country - though we’re the third most cyber-attacked country in the world – nor does it have any intention of commensurately upping the stakes or resources in response.”