Redcar Council suffered £10.14m loss due to February ransomware attack

A ransomware attack targeting the Redcar and Cleveland Borough Council's IT systems in February inflicted a financial loss of £10.14m to the Council, forcing it to seek additional budgetary support from the government.

In a budget update report published 4th August, the Redcar council cabinet stated that the ransomware attack resulted in "total forecast impact of £10.144 million", adding that it is still relatively difficult to determine what the ultimate impacts of this unprecedented incident will be even though the attack took place in February.

The Council said that prior to the cyber attack, it had "industry-standard tools deployed to secure its network" that were configured to provide optimum protection as per the standards set out by the Public Services Network (PSN). However, these measures proved inadequate in preventing the cyber attack.

"In terms of our response to the cyber-attack, the council acted quickly and effectively, working extremely hard to mitigate the effects on our key services and most vulnerable residents. However, the attack did permeate almost all functions of the council, and the required response and consequential impacts will have a bearing on the council’s finances," the council said.

"Best estimates have been made and refined along the way as our recovery work has progressed. The council has worked closely with government on our response and recovery, and have been in regular dialogue regarding government support for the estimated financial impact on the council.

"A total forecast impact of £10.144 million was provided to government, along with further information to inform their due diligence process. This has now concluded and the government have agreed to provide support to the council in dealing with this financial impact," it added.

Aside from making additional improvements to its cyber defences in the aftermath of the ransomware attack, Redcar council added itself to the list of pilot authorities to enrol on a National Cyber Security Centre (NCSC) scheme which will provide threat intelligence information exchange between the council and NCSC.

When the ransomware attack targeting Redcar council took place, Matt Rahman, COO for IOActive, told TEISS, that in order to avoid such devastating cyber attacks, organisations must adopt a 'cybersecurity by design' framework or process – with networks, systems, applications and technologies designed and built with security in mind - enabling them to take a proactive approach

"This way, you have a clear understanding of what you’re connecting, who is using it and where it’s appearing within the organisation and how do you monitor it for security events. Essentially, you’re looking holistically at your entire technology ecosystem.

"As you have the right processes in place, organisations can respond quickly and effectively to potential breaches or vulnerabilities as and when they occur – and importantly, remediate any incidents that do occur quickly," he added.

Carl Wearn, Head of E-Crime at Mimecast, said that those responsible for leading any organisation’s cyber security must take sensible precautions such as non-networked backups, email and archiving fall-backs. This current threat should be a stark reminder that “it will always happens to someone else, not us ” attitude can no longer reside.

MORE ABOUT: