Islington Council IT system ‘under attack by crime syndicates...and teenagers in their bedrooms’
- Credit: Archant
A report has revealed Islington Council’s IT system is under near-constant fire from teenage hackers and crime syndicates.
In April alone, the council’s digital services department blocked more than 900,000 spam or phishing emails, many of which tried to “compromise” town hall information – an average of 20 every minute.
The report, set to be heard by the council audit committee tonight, also addressed October’s potentially disastrous data breach on its TicketViewer site for parking appeals.
As revealed in the Gazette, it emerged personal information about penalty charge notices was freely available. Details included scanned cheques, medical information to justify appeals – and even one person’s prison record.
It was a concerned citizen who raised the alarm. Tonight’s report reads: “If the failure had been exploited maliciously, the entire contents of the parking database could have been stolen by cyber criminals and/or placed irretrievably in the public domain.”
The council reported its own error to the Information Commissioners Office, prompting a review.
The report also described external threats to the authority: “Like all digitally enabled organisations, Islington Council is under constant attack.
- 1 Shell casings found after Islington gun reports
- 2 Seven Sisters stabbing: Three jailed over Green Lanes gang killing
- 3 Disqualified driver jailed after hit-and-run involving Islington schoolgirl
- 4 Covid patients in north London hospitals with Plan B rules set to lift
- 5 Artisan coffee house opens in Angel Central following £16m refurbishment
- 6 How often do Londoners cycle to work in each borough?
- 7 Plan to extend popular Gooners pub with shops and flats
- 8 Four Hackney and Islington properties with amazing skyline views
- 9 Five appear in court charged with drugs offences after dawn raids
- 10 Blue Badge exemption and positive results for Canonbury East LTN
“The threat is sustained and growing. Our attackers come in many forms from the archetypical teenage hacker in their bedroom through to crime syndicates and the proxies of nation states. The vast majority of these attacks are untargeted – those perpetrating them have nothing specific against Islington Council.
“A smaller number may be targeted at us.”
It adds: “Our attackers have many motivations, including financial gain, publicising their causes and malice whether they be specific to Islington Council, the wider public sector, the UK, or general western interests.”
Referring to incidents such as October’s leak, it added: “We also face the risk of unintentional vulnerabilities or accidental actions resulting in information security breaches.
“These can result in significant business disruption and reputational damage. If criminals become aware of them, they may exploit them further.
“Both malicious and accidental actions can cause information breaches.
“Both must be managed as security incidents.”