A cyber-attack sourced as Russian hackers could cost the Gloucester City council £1m to fix, leaders have warned.
Benefit payments, planning applications and house sales were delayed after Gloucester City Council’s IT systems were compromised last December (2021), leading to a mass shortage of funds for the public, making it troubling times for many last Christmas.
Off the back of this, the city authority had to rebuild all of its servers after malware infected its systems. Officers have been working to restore services but costs keep rising, the Local Democracy Reporting Service said.
The harmful software was embedded in an email which had been sent to a council officer. Known as sleeper malware, it is understood to have been dormant for some time before it was activated. The cyber-attack is said to have already cost the council £787,000, with this figure continuing to grow 10 months on.
Liberal Democrat group leader Jeremy Hilton asked councillors on 29 September how much it had cost so far to restore the IT systems and what the estimated final bill would be.
“Every time I ask the question about the costs of the cyber-attack recovery, the cost rises more and more. Can you reassure members of the council that the final bill will not be more than £1m?”
Deputy leader of the council Hanna Norman (Cons) told the meeting she could not give that assurance. She said all parties involved in the recovery were doing it in the most cost-effective manner because they were spending Gloucester taxpayers’ money.
“I can give you the assurance that every penny we spend is scrutinised and we are making decisions based on value for money and what is right operationally for this authority and therefore Gloucester residents.”
She confirmed the council had spent £787,000 spent to date, of which £142,000 went on capital works.
Following the attack, Gloucester City Council said its sources alleged the cyber-attack was carried out by hackers from Russian intelligence. This has been a common problem faced by the world in the last year, with many other organisations having been infected by cyber-attacks. Here are some recent case studies surrounding these cyber-attacks.
A recent case study…
A similar attack took place earlier this year (January 2022), costing Safestyle UK an underlying profit for the first half of this year. The attack in January caused disruption to customer service and a delay to a planned material price increase – with a £4m impact as a result.
The “sophisticated” cyber-attack saw Safestyle bring in specialists and take precautionary measures with its IT infrastructure, including taking its systems offline. It did however remain operational, although some of the contact centre response times were longer than usual. Nevertheless, the operational impact ran into the millions.
The PVCu windows and doors manufacturer recorded an underlying loss of £1.4m in the first half of this year, compared to an underlying profit of £5.1m in the same period last year. The business initiated a £5m strategic investment programme this year that includes TV advertising, new business development, the Safestyle Academy to train fitters, as well as a range of actions to improve customer experience and reduce its cost of quality.
Mike Gallacher, CEO said: “Despite the obvious financial impact of the cyber-attack, it is pleasing to see our net cash position remains strong, increasing to £13.0m at period end with the Group’s order book also growing by 17.7% over the first half, representing a closing position that was 17.6% ahead of the prior period.
“In 2022 we emerged from a sustained period of turbulence and have now initiated a multi-year strategic investment programme.
“This programme is designed to modernise the business, drive growth and build sustainable competitive advantage over the medium term.”
He added that looking ahead they “still expect the business to deliver both an (underlying) profitable full year and positive cashflow from operations” with full-year underlying profit expected to be “no lower than £1.0m”.
Russia’s invasion of Ukraine has impacted organisations within and beyond Europe, with the US homeland also experiencing cyber-attacks sourced from Russia. Evolving intelligence indicates that the Russian Government is exploring options for potential cyberattacks. Every organization—large and small—must be prepared to respond to disruptive cyber incidents.
You can check out previous news surroudning the threat of Russian cyber-attacks using the link below.