Sign up to our newsletter
Lincolnshire County Council has successfully thwarted attempts by cybercriminals to extort money from them and brought most of its systems back online, almost one week on from the ransomware attack.
The council revealed on Twitter that no data were stolen during the incident, which had affected a number of services delivered by the council. For example, as the BBC reported, social workers were unable to access case notes during the outage.
It was previously thought that the cybercriminals behind the attack had been asking for up to £1 million in return for unscrambling data that they had encrypted, but later this was revealed to be $500 (approximately £350).“People can only use pens and paper, we’ve gone back a few years.”
“People can only use pens and paper, we’ve gone back a few years,” Judith Hetherington-Smith, chief information officer at the council, told the broadcaster.
“[The attack] happened very quickly. Once we identified it we shut the network down, but some damage is always done before you get to that point – and some files have been locked by the software.”
She concluded by saying that the majority of files that had been encrypted would nevertheless be available to them, as they had been backed up as a security measure.
It appears that this has allowed the council to gain some leverage in this incident, meaning they have not had to swallow their pride and pay the ransom being demanded.
In its latest report on emerging trends in information security, ESET highlighted the growing nuisance posed by ransomware.
“We expect to continue seeing ransomware campaigns trying to exploit new attack surfaces by prohibiting users from accessing their information or services [in 2016],” ESET’s Camilo Gutiérrez Amaya said.
“The increasing trend toward more and more devices being supplied with an internet connection provides cybercriminals with a greater variety of devices that might be attacked.”
Author Narinder Purba, We Live Security