More than a quarter of UK councils admit ransomware woes
FOI requests submitted by Barracuda reveal how many councils have been hit by ransomware, with just one paying the ransom
Over a quarter of UK councils have admitted being hit by a ransomware attack, according to Freedom of Information (FOI) data compiled by Barracuda.
The FOI requests, sent to 430 councils in the UK, saw 27 per cent of all respondents, or 115 councils, admit to falling victim to ransomware.
Forty-three per cent of respondents said they had not been successfully attacked by ransomware, while 30 per cent didn't respond because their IT services are outsourced.
Of those affected, just one council admitted to shelling out the ransom to unlock their data, but refused to reveal how much they paid*.
There are 418 principal authorities in the UK, as well as thousands of smaller parish and town councils.
Barracuda's research found that most councils did not pay the ransom fee because their data was backed up.
Chris Ross, senior vice president at Barracuda, said: "While it's promising that the majority of councils affected were able to remediate ransomware attacks quickly due to their backup system working correctly, it's still disappointing that so many of them fell victim to ransomware in the first place."
Seventy per cent of respondents claimed to have backup systems in place, with 30 per cent not responding - which Barracuda attributed to these councils outsourcing their IT services.
Ransomware nightmare
Ransomware in the public sector has been a hot topic since the NHS was crippled by Wannacry in May.
Public sector bodies running the unsupported Windows XP have come in for particular criticism after the OS was found to be especially vulnerable to Wannacry, leading Microsoft to take the unprecedented step of restarting its support for the OS.
The Metropolitan Police was in June dubbed "a fish swimming in a pool of sharks" for still having 18,000 machines on XP, while last week Greater Manchester Police said over 20 per cent of its machines were still on the OS.
*Barracuda has since informed CRN of an error in its research. The correct data shows that none of the councils contacted said they had paid a ransom to unlock their data