Lincolnshire County Council hit by £1m malware demand

  • Published
Ransom32Image source, BleepingComputer
Image caption,
An example of a ransomware demand

Lincolnshire County Council's computer systems have been closed for four days after being hit by computer malware demanding a £1m ransom.

Ransomware encrypts data on infected machines and only unscrambles it if victims pay a fee.

The authority said it was working with its computer security provider to apply a fix to its systems.

Chief information officer Judith Hetherington-Smith said only a small number of files were affected.

She said the authority took action once the malware was identified and shut its systems down.

Media caption,

Technology explained: what is ransomware?

This meant some services were affected, including libraries and online booking systems.

Mrs Hetherington-Smith said: "People can only use pens and paper, we've gone back a few years."

Talking about the attack, she said: "It happened very quickly. Once we identified it we shut the network down, but some damage is always done before you get to that point - and some files have been locked by the software.

"A lot of the files will be available for us to restore from the back-up."

The council is "hopeful" most systems will be back working early next week.

It described the ransomware as "the biggest attack" it had ever experienced, adding it was "zero-day malware", meaning it was previously unknown to security experts.

The authority said it was "unfortunate to be the first victim", and was confident it had appropriate security measures in place.

Lincolnshire Police have confirmed they are investigating the attack.

The Information Commissioner's Office, which is responsible for the enforcement of the Data Protection Act 1998, said it was aware of the incident.

Update: It later became clear that the demand for a £1m ransom - information provided by the council - was actually for substantially less. This has been covered in a follow-up report.

Related Internet Links

The BBC is not responsible for the content of external sites.