Islington Council IT system ‘under attack by crime syndicates...and teenagers in their bedrooms’
- Credit: Archant
A report has revealed Islington Council’s IT system is under near-constant fire from teenage hackers and crime syndicates.
In April alone, the council’s digital services department blocked more than 900,000 spam or phishing emails, many of which tried to “compromise” town hall information – an average of 20 every minute.
The report, set to be heard by the council audit committee tonight, also addressed October’s potentially disastrous data breach on its TicketViewer site for parking appeals.
As revealed in the Gazette, it emerged personal information about penalty charge notices was freely available. Details included scanned cheques, medical information to justify appeals – and even one person’s prison record.
It was a concerned citizen who raised the alarm. Tonight’s report reads: “If the failure had been exploited maliciously, the entire contents of the parking database could have been stolen by cyber criminals and/or placed irretrievably in the public domain.”
You may also want to watch:
The council reported its own error to the Information Commissioners Office, prompting a review.
The report also described external threats to the authority: “Like all digitally enabled organisations, Islington Council is under constant attack.
- 1 Police cordon in place after Essex Road pub 'assault'
- 2 Petrol station forecourts closed and long queues in north London
- 3 How some Islington tenants are losing their homes in a matter of minutes
- 4 Finsbury Park man arrested on suspicion of second north London murder
- 5 Thousands of care home staff yet to be vaccinated in London
- 6 Man killed in 'shooting' in north London
- 7 Man killed and two injured in triple shooting
- 8 Appeal to find four children missing from north London with father and grandmother
- 9 Helen Anderson: Finsbury Park murder victim's father pays tribute to his daughter
- 10 Man jailed for rape of young girl in north London 40 years ago
“The threat is sustained and growing. Our attackers come in many forms from the archetypical teenage hacker in their bedroom through to crime syndicates and the proxies of nation states. The vast majority of these attacks are untargeted – those perpetrating them have nothing specific against Islington Council.
“A smaller number may be targeted at us.”
It adds: “Our attackers have many motivations, including financial gain, publicising their causes and malice whether they be specific to Islington Council, the wider public sector, the UK, or general western interests.”
Referring to incidents such as October’s leak, it added: “We also face the risk of unintentional vulnerabilities or accidental actions resulting in information security breaches.
“These can result in significant business disruption and reputational damage. If criminals become aware of them, they may exploit them further.
“Both malicious and accidental actions can cause information breaches.
“Both must be managed as security incidents.”