Portsmouth City Council has confirmed that its website was targeted in a significant cyberattack, specifically a distributed denial-of-service (DDoS) attack, perpetrated by the hacking group NoName057(16). This attack did not just impact Portsmouth; reports indicate that more than a dozen local authorities across the UK were affected, including Bournemouth, Christchurch & Poole (BCP) Council, Medway Council, Exeter City Council, and Burnley Town Council. In light of this incident, council officials have reassured residents that personal and user data remained secure and that essential council services were not interrupted during the attack, emphasizing their commitment to transparency and community safety.
A DDoS attack involves overwhelming a website or server with traffic originating from multiple sources, effectively rendering it inaccessible to legitimate users. Portsmouth City Council reported that their website experienced significant disruptions due to the influx of malicious traffic, but they acted quickly to mitigate the effects. In a statement, the council indicated that while users might have faced difficulties accessing their site, there was no risk to sensitive data or ongoing services. They also noted that maintaining operational continuity for public services was a top priority during the incident.
The IT team at Portsmouth City Council, alongside their service providers, successfully restored functionality to the website within just two hours of the attack. The quick response highlights the effectiveness of their incident response plan and the importance of being prepared for such cyber threats. Council representatives expressed gratitude for the swift actions taken by their IT staff and reiterated their commitment to ensuring the integrity of their systems and the safety of their residents. Other affected councils, such as BCP Council, reported similar experiences, noting that their IT teams implemented effective countermeasures to limit the disruption caused by the attack, allowing them to maintain services with minimal interruption.
In response to the rising number of cyberattacks targeting local authorities, the National Cyber Security Centre (NCSC) has stepped in to provide guidance and support to the affected councils. This recent incident underscores the increasing threat posed by cybercriminals to public sector organizations and the necessity for robust cybersecurity measures. Local authorities are now prioritizing the implementation of advanced security protocols and training for staff to ensure they are prepared to respond to such attacks in the future. The ongoing evolution of cyber threats necessitates a proactive approach, and the response from Portsmouth City Council and others serves as a crucial reminder of the importance of vigilance and preparedness in safeguarding public resources and the sensitive data of their constituents. As cyber threats continue to evolve, collaboration between local councils and national cybersecurity bodies will be vital in bolstering defenses against future incidents.
Reference: