Ransomware attack strikes Scottish council, disrupts public services

Comhairle nan Eilean Siar, Scotland’s sole Gaelic-only named council, suffered a major cyber incident last week that impacted public services, payments to creditors and put its website out of action.

Comhairle nan Eilean Siar is Scotland’s sole Gaelic-only named council and caters to citizens, businesses and visitors to the Na h-Eileanan Siar council area, also known as the Western Isles. According to Scottish government records, Na h-Eileanan Siar had a population of 26,640 in 2021 and its council is based in Stornoway in the Isle of Lewis.

The local council announced on 8th November that it was responding to a cyber security incident that had a significant impact on public services and other operations. "Access to Comhairle nan Eilean Siar’s IT system has been affected by an incident which has caused significant disruption," it posted on X, formerly known as Twitter.

 

The council said it was working with the Scottish government and taking professional advice to establish the root cause of the incident and to restore affected services at the earliest.

"The current priority is to restore and secure data and ensure the continued delivery of services to those in our communities who need them most. Work is underway to redirect public phone numbers which will allow key services to be contacted," it added.

The council issued another update about its progress in a series of tweets on Thursday, stating that it was working towards setting up a temporary website to allow members of the public to access key information. Though the council had restored its email system, work was underway to redirect numbers for key public services so that residents could contact officials during working hours.

Comhairle nan Eilean Siar also indicated that cybercriminals possibly encrypted its files after launching a cyber attack by stating that restrictions to file access had affected its ability to make payments to creditors and delayed benefit and support payments.

"The impact to IT systems has also meant that invoices due to creditors cannot be paid at this time. The Comhairle appreciates the impact late payments can have and is working to resolve these issues as soon as possible. The Comhairle will be in contact with the affected individuals to provide updates and support," it added.

 

Commenting on a ransomware attack targeting the Comhairle, William Wright, CEO of Closed Door Security, said smaller organisations such as councils in remote locations in Scotland are lucrative targets for cyber criminals as they often don’t benefit from big security budgets to keep determined attackers out of their networks.

"This is reminiscent of the SEPA ransomware attack and could potentially have a similar timeline, bringing many vital services to a standstill for a prolonged period of time," he added.