Hackney Council has revealed it has spent £12.2 million in the last financial year in the aftermath of its October 2020 ransomware attack.
The figure includes more than £444,000 spent on IT consultancy, £152,000 on recovery of the Mosaic systems used for social care data, and £572,000 on the housing register in the last financial year.
The numbers were disclosed to the Hackney Citizen during the annual inspection of council accounts.
The publication said that Hackney Town Hall spent millions on cyber recovery work and replacing systems affected by the hackers as staff were working to support residents through the pandemic.
The attack wreaked havoc across the council’s services, causing delays with benefits claims, adding people to the housing register, and land registry searches.
However, Hackney Council said it has never paid ransom and never would. It said that “the vast majority of the sensitive or personal information held by the council is unaffected”.
The council hit the headlines again in February 2022 when it reportedly refused to answer questions over whether it gave staff extra cybersecurity training when they had to work from home. It faced questions from the Information Commissioner’s Office (ICO), which served an information order on the council after it didn’t “give a substantive reason” for its refusal to answer questions.
The National Crime Agency (NCA) is still investigating the attack.
Hackney not alone in being targeted
Cybersecurity vendors were quick to weigh in on the news. Chris Vaughan, area VP and technical account manager EMEA at Tanium, said the huge costs weren’t surprising and that there are several other examples of UK councils suffering from similar intrusions.
“Gloucester City Council discovered its systems had been breached in December 2021 and it has reportedly taken months to get their systems fully up and running again,” he said.
“In February 2020 cybercriminals launched a ransomware attack on Redcar and Cleveland Council, overcoming its defences, despite the fact that in a subsequent investigation the council’s auditor described the council as having ‘proper arrangements and controls in place to reduce the likelihood of a cybersecurity breach’ given the resources available. The council’s entire computer system was taken down in minutes via a single email with an infected attachment.
“The large costs associated with these attacks are hard to avoid once the breach has happened, so to save taxpayers money we recommend that organisations should focus on proactive security measures rather than relying simply on reactive ones – which is what we see in some cases.”
Elsewhere, Matt Aldridge, principal solutions consultant at OpenText Security Solutions, noted that the impact of the Hackney breach went far beyond the monetary costs of recovery. It caused severe delays across a range of important services including benefit claims, Covid support grants, council tax rebates and more – long after the initial breach.
“As the public sector continues to be a target given the nature of the data they handle, IT admins need to make sure to put the appropriate processes and technology in place to protect themselves against threats, including ensuring that their backup and recovery processes cannot be interfered with during an attack,” he said.