Three native councils in the UK proceed to expertise disruption to their on-line providers, per week after confirming a cyberattack had knocked some methods offline.
The councils for Canterbury, Dover, and Thanet — all of that are based mostly within the U.Okay. county of Kent and have a mixed inhabitants of virtually 500,000 residents — mentioned final week that they had been collectively investigating an unspecified “cyber incident” that had disrupted council tax funds and on-line types.
Questions stay in regards to the incident, together with whether or not private information was accessed. Robert Davis, a spokesperson for Canterbury Metropolis Council, advised information.killnetswitch final week that the council’s preliminary investigation means that no buyer information was accessed.
Nonetheless, the U.Okay.’s Data Commissioner’s Workplace advised information.killnetswitch on Friday that the info regulator has obtained a breach report from the three councils.
“We’ve obtained breach report types from three Kent Councils who type a three-way partnering service: Thanet District Council, Dover District Council and Canterbury County Council, and will likely be making enquiries,” ICO spokesperson Rashana Vigerstaff mentioned.
information.killnetswitch understands that the continued incident is linked to EKS, or East Kent Companies. EKS was arrange by Canterbury, Dover, and Thanet in 2011 earlier than it was outsourced to Civica in 2018, and is utilized by all three councils to ship quite a few IT and HR providers together with funds, advantages, and debt restoration.
information.killnetswitch discovered final week that a few of Canterbury Metropolis Council’s cost methods, offered by EKS, had been unavailable. These providers stay down on the time of writing — as is EKS’ web site, which has now been offline for at the very least seven days.
information.killnetswitch has contacted a number of individuals at EKS however has not but obtained a response. The corporate has but to make a public assertion relating to the cyberattack, the character of which stays unknown.
Based on a Mastodon submit from security researcher Kevin Beaumont, EKS’ Pulse Safe VPN server can also be offline, suggesting a doable hyperlink to the widespread exploitation of two crucial zero-day vulnerabilities in Ivanti’s broadly used company VPN equipment.
Davis, the spokesperson for Canterbury Metropolis Council, didn’t reply to questions from information.killnetswitch despatched Friday, however a discover on the council’s web site notes that residents stay unable to “apply for, report one thing or pay for many providers on-line in the meanwhile” whereas it continues to analyze the incident.
Dover District Council spokesperson Andy Steele additionally didn’t reply to information.killnetswitch’s questions, however the council has additionally confirmed in an up to date discover that it’s “nonetheless experiencing technical difficulties” with a few of its methods, together with its advantages, council tax, and enterprise charges portal. The council notes that the problems affecting its on-line types have been resolved.
Thanet District Council spokesperson Clare Winter shared an up to date assertion with information.killnetswitch, which has additionally been revealed on the council’s web site. “Thanet District Council is presently limiting entry to quite a few its on-line methods,” the assertion reads. “This can be a proactive determination following stories of a possible security incident.”
Canterbury and Thanet councils word of their statements that their downed IT providers, which embrace on-line types and planning purposes, usually are not offered by Civica.
In an e-mail to information.killnetswitch on Friday, Civica spokesperson Fintan Hastings reiterated that Civica’s methods had been unaffected. Hastings mentioned that Civica doesn’t present instruments for monitoring and managing data property equivalent to purposes, infrastructure, operational supply, and IT property, however added that Civica offers the councils with revenues and advantages, debt restoration, and buyer providers.
