No Place For Cyber Complacency
Published on 23/05/22
Cyber security is growing in urgency and while district councils are smaller in scale, they cannot afford to be complacent as shown by the recent attack which hit Gloucester City Council.
The launch of the UK’s first Government Cyber Security Strategy suggests cyber security in local authority is soon to come under greater scrutiny. Announcing the strategy, Chancellor of the Duchy of Lancaster and Minster for the Cabinet Office, Steve Barclay, said his priority was to ensure UK government at all levels was more resilient to cyber-attacks.
“Our core government functions from the delivery of public services to the operation of National Security apparatus must be more resilient than ever before to cyber-attacks. This aim accounts for all public service organisations – including across local government, and the health and education sectors – which in many cases are starting from a very low level of maturity,” he said, “By the very nature of their activities, some of these organisations regularly face more sustained, determined, and well-resourced attacks on them.”
A new Government Cyber Coordination Centre – a joint venture between the Government Security Group, the Central Digital and Data Office and the National Cyber Security Centre – will be created and £85m has been pledged to tackle the challenges facing councils, helping them build their cyber resilience and protect vital services and data.
A report by managed security services company Redscan, Disjointed and under-resourced: cyber security across UK councils, found county councils experienced three times (4.6 per organisation) more reportable data breaches in 2020 than their district counterparts (1.45 per organisation) but this does not mean smaller councils can relax. While larger councils may appear at greater risk, the recent hit on Gloucester City Council reinforces districts are far from immune.
The good news is district councils can take actions to protect themselves, starting with layered protection and looking at supply chain risks. “Districts have scarce resources,” said Colin Jupe, Director of Strategy at Assurity Systems, the European distributor of zero-trust endpoint protection software AppGuard, “In an ideal world they would have multiple layers in their defense, but often budget constraints mean they cannot have all the layers they’d ideally like, so the advice is ‘don’t pick multiple solutions of the same type’. The important thing is not to keep getting more of the same, having yet another detection-based system provides only a minor incremental improvement, what you need is something different, something not detection-based – that is what gives you the step change in defense.”
AppGuard is an innovative zero-trust cyber security software which iESE, alongside Assurity Systems, brings to the UK’s local government environment. iESE has secured highly preferential rates (discounts exceeding 50 per cent) allowing local authorities to benefit from the technology for around £45 per annum per endpoint for a fully-managed solution: “A key thing with our managed service is that councils don’t have to add to their already stretched team, they are getting expert cyber security systems management 24/7, 365 days per year, added to which, councils’ IT teams often benefit from the skills transfer of specialist cyber knowledge our team is able to offer,” Jupe explained.
AppGuard works differently to traditional cyber security software because it does not have to know the signature of an attack to block it. “AppGuard’s superpower is that it is able to stop what others don’t recognise, almost all other cyber solutions need to recognise or detect malware in order to stop it,” Jupe explained. This was the case with some recently released malware, known as HermeticWiper, aimed at harming organisations in the Ukraine by infiltrating systems, stealing data and preventing rebooting. While a UK local authority may not have been the intended victim in this case, malware and ransomware are indiscriminate once circulating.
According to Jupe, VirusTotal, an organisation which inspects suspicious files, found only 16 of the 70 products sold by major cyber security vendors were able to detect the malware on first encounter, while AppGuard was able to stop it “straight out of the box”. While all major cyber software vendors quickly released a patch, new attacks emerge daily, with Jupe warning of an increase in sophisticated cyber warfare attacks backed by state actors – hackers operating on behalf of governments.
“HermeticWiper had devasting effects when it was launched. Had it come to a local authority and they’d have relied on one of the 54 systems that did not recognise it on day one, they could have been in deep trouble. Not only would their systems have gone down, they’d have had extreme difficulty rebuilding because one of the features of the malware was to corrupt the master boot record. Even without this added complication, we already know rebuild costs for councils after a successful attack can run to tens of millions of pounds,” he explained.
One forward-thinking council already using AppGuard is South Staffordshire District Council. Data is at the heart of the way South Staffordshire operates and sharing and collaborating with people and organisations who sit outside the traditional boundaries of the council’s network. Understanding the desire to move to a digital-first business model, iESE and Assurity worked closely with the Council’s ICT team to establish a proof of concept. The ongoing impact on the ICT team, however, is minimal as it opted to use Assurity’s fully-managed service.
“AppGuard is incredibly forensic, providing an extremely high level of security which provides us with real peace of mind as we look to transform the organisation into a digital-first council,” explained Lea Monckton, Senior Infrastructure & Communications Officer, ICT at South Staffordshire District Council.
Andy Hoare, Assistant Director, Business Transformation at South Staffordshire Council, said the support and responsiveness of iESE and Assurity was fantastic during the proof of concept and staged rollout of AppGuard: “Staff are unaware of the work going on behind the scenes to give them this extra protection. This is exactly how cyber defences should be, effective but unintrusive to day-to-day operations,” he said.
Eileen Buck, Director of Sales at Assurity Systems, added: “I have been involved in providing cyber security software for over 30 years to Public Sector, NHS and large corporates and I have never seen anything as powerful as AppGuard. We are delighted to be able to offer this preferential deal via iESE to protect critical infrastructure.”
To read the full South Staffordshire case study, please click here.
To find out more or see AppGuard in action contact: eileen.buck@assuritysystems.co.uk