St Helens Borough Council in Merseyside has fallen victim to a suspected ransomware attack, according to an official statement released on Monday, August 21. The local authority has described the incident as a “complex and evolving situation,” with cybersecurity experts currently investigating the breach.
The ransomware attack, a type of cyber threat where criminals encrypt files and demand payment for their release, has affected some of the council’s internal systems. Though full details of the attack have yet to emerge, the council has assured residents that the majority of customer-facing systems remain operational.
In recent years, ransomware attacks have become a significant threat to organizations, with high-profile incidents such as the 2017 attack on the NHS. UK councils have faced an increasing number of cyberattacks, with some, like Redcar and Cleveland Council and Hackney Council, facing millions of pounds worth of damages.
St Helens Council has taken immediate actions, including engaging external cybersecurity support and forensics to investigate further. “We have now put in place a number of security measures to keep our IT networks running safely,” a spokesperson said. The council is also providing its services via its website and has urged residents to be mindful of their online safety, warning of potential phishing scams related to the breach.
The incident at St Helens comes amid reports of outdated cybersecurity measures across many UK councils. A recent survey by TechnologyOne found that almost 59% of senior leaders at local authorities considered their approach to cybersecurity outdated, and only a quarter ranked it among their top three priorities.
Mike Newman, CEO of My1Login, an identity and access management specialist, emphasized the need for robust cyber defenses. “Ransomware is the most prominent [form of] cyber attack today, and the volume of attacks is reaching record highs,” he said. Newman encouraged organizations to move away from password-based security mechanisms, as phishing and credential theft are common attack vectors used to deploy ransomware.
As St Helens Council continues to work through the situation, the incident serves as a stark reminder of the ongoing and ever-evolving threat of cyberattacks. The council’s efforts to contain and resolve the issue will be watched closely, not only by the approximately 180,000 residents of the area but also by other councils and organizations that must be vigilant against the persistent danger of ransomware.
For tips on how to stay safe online and recognize potential scams, St Helens Council directs residents to www.sthelens.gov.uk/watchoutforscams. The council, along with its cybersecurity specialists, remains committed to resolving this incident and ensuring the safety of its networks and data.
