Islington Council IT system ‘under attack by crime syndicates...and teenagers in their bedrooms’
- Credit: Archant
A report has revealed Islington Council’s IT system is under near-constant fire from teenage hackers and crime syndicates.
In April alone, the council’s digital services department blocked more than 900,000 spam or phishing emails, many of which tried to “compromise” town hall information – an average of 20 every minute.
The report, set to be heard by the council audit committee tonight, also addressed October’s potentially disastrous data breach on its TicketViewer site for parking appeals.
As revealed in the Gazette, it emerged personal information about penalty charge notices was freely available. Details included scanned cheques, medical information to justify appeals – and even one person’s prison record.
It was a concerned citizen who raised the alarm. Tonight’s report reads: “If the failure had been exploited maliciously, the entire contents of the parking database could have been stolen by cyber criminals and/or placed irretrievably in the public domain.”
You may also want to watch:
The council reported its own error to the Information Commissioners Office, prompting a review.
The report also described external threats to the authority: “Like all digitally enabled organisations, Islington Council is under constant attack.
- 1 Man in hospital with potentially 'life-changing' injuries following stabbing
- 2 Changes made to St Peter's LTN after Packington Estate used as rat run
- 3 Islington shooting victim named
- 4 Phone snatcher admits guilt after robberies in Islington, Hackney and Tower Hamlets
- 5 Rise in London Covid rates, but people aged 25-30 can book vaccine
- 6 Missing: Highgate woman known to frequent Camden and Islington areas
- 7 Largest beer garden in North London being built for Euro 2020
- 8 Murder investigation launched after teenager is shot in Islington
- 9 Islington is getting a big name restaurant
- 10 Increased police presence in Islington after teenager shot in the head
“The threat is sustained and growing. Our attackers come in many forms from the archetypical teenage hacker in their bedroom through to crime syndicates and the proxies of nation states. The vast majority of these attacks are untargeted – those perpetrating them have nothing specific against Islington Council.
“A smaller number may be targeted at us.”
It adds: “Our attackers have many motivations, including financial gain, publicising their causes and malice whether they be specific to Islington Council, the wider public sector, the UK, or general western interests.”
Referring to incidents such as October’s leak, it added: “We also face the risk of unintentional vulnerabilities or accidental actions resulting in information security breaches.
“These can result in significant business disruption and reputational damage. If criminals become aware of them, they may exploit them further.
“Both malicious and accidental actions can cause information breaches.
“Both must be managed as security incidents.”