‘Spray attacks’ and 400,000 spam emails in a week: How Sunderland City Council is fighting back against cyber criminals

editorial image

Sunderland City Council (SCC) is upping its defences against cyber attacks with a raft of new proposals, including extra training for councillors.

Last year, Newcastle City Council’s website was caught up in a global computer attack by hackers attempting to make money from crypto currencies such as Bitcoin.

The major cyber crime affected several websites, including those belonging to central and local government, the NHS and even the US supreme court.

This week, SCC’s Scrutiny Co-ordinating Committee will receive an update on efforts to prevent attacks and ‘maintain good cyber hygiene’ in Wearside.

A council report drafted for councillors states Sunderland has faced an increased volume of cyber attacks over the last six months.

This included phishing emails, ‘spoofing’ emails pretending to be from ‘sunderland.gov.uk’ addresses and at least one Distributed Denial of Service (DDoS) attack causing disruption.

Officers have also evidenced a ‘spray attack’ where a number of accounts were locked out after “malicious and unsuccessful attempts to log in.”

And in just one week alone in November 2018, the council received nearly 400,000 spam emails 

Following national guidance published by the National Cyber Security Centre last year, city leaders are seeking to build resistance to cyber criminals.

Plans including improving security, updating and replacing patches for software part of a shift to Windows Ten and making sure default passwords are  changed.

In November last year, the Local Government Association also published a ‘cyber-stocktake’ based on a questionnaire completed by councils.

While SCC received ‘green’ and ‘amber’ ratings in several areas, it was labelled red in ‘technology standards and compliance’ and ‘detection’.

Council bosses plan to fill these gaps by introducing a new ‘Security Incident and Event Monitoring System’ this year, alongside improving online training and specific training for councillors.

A council report adds: “It’s recommended that scrutiny note the steps already taken to protect the authority and those planned for 2019 whilst appreciating that there is no silver bullet that guarantees 100 per cent protection.”

Councillors will discuss the cyber crime refresh on Thursday, January 17 at Sunderland Civic Centre.

The meeting starts at 5.30pm and for more information, visit: www.sunderland.gov.uk

Chris Binding , Local Democracy Reporting Service