Hertfordshire County Council targeted in 'malicious' phishing attack

By Deborah Price, Local Democracy Reporter
Published 13th Jul 2023, 09:59 BST
Updated 13th Jul 2023, 10:15 BST
Watch more of our videos on Shots! 
and live on Freeview channel 276
Visit Shots! now
A growing number of cyber attacks have been launched at the local authority, the council has revealed

Increasing numbers of cyber attacks are being launched against Hertfordshire County Council, councillors have been told.

And earlier this year, council staff were targeted ‘by a malicious email’ phishing attack ‘that could have caused significant impact’.

Hide Ad
Hide Ad

In all cases – say council chiefs – the cyber attacks were repelled or contained.

Hertfordshire County Council officesHertfordshire County Council offices
Hertfordshire County Council offices

Cyber security was among the performance issues raised at a meeting of the resources and performance cabinet panel, on Thursday (6 June).

Particularly highlighted at the meeting was the ‘targeted phishing attack’ in late March.

But councillors were assured that the attack was contained. No data, they were told, was breached and there was no threat to council data.

Hide Ad
Hide Ad

“HCC continues to utilise strong security controls through people, processes and technology to limit and mitigate threats against its network,” said the report to the cabinet panel.

“While these controls have continued to protect HCC and its data the Council continues to experience an increase in attempts to target its users through email containing malicious links and attachments.

Read More
Tobacco costs Hertfordshire £300m a year, says new strategy

“Through the use of security software and streamlining our processes, Technology is able to identify, contain and mitigate these threats before the Council is compromised.

“In late March HCC was targeted by a malicious email. The issue was contained with no impact.”

Hide Ad
Hide Ad

Following the meeting a spokesperson for the county council acknowledged that the attack could have caused ‘significant impact’.

And she said it was a reminder of the increasing attempts to target council data.

“In March 2023 the council was targeted by a malicious email, which could have caused significant impact,” said the spokesperson.

“Due to strong security controls through people, processes and technology the cyber attack was identified in a timely way and the issue was contained with no impact.

Hide Ad
Hide Ad

“The incident was highlighted in the quarterly reports as an example.

“It is a reminder that while current controls and measures this quarter have been sufficient to protect the council and its data, it does continue to experience an increase in attempts to target its users.”