Cyber attacks on council workers increase over 200 percent
Local councils have faced the same pressure as commercial businesses to have people working at home during the pandemic. But a new report shows attacks on UK councils' remote workers rose by 213 percent from March 2020 compared to the previous year.
Freedom of Information (FOI) requests made by technology solutions provider Insight, show that on average councils switched 74 percent of their employees -- more than double the UK average -- to remote working during the pandemic.
However, just 20 percent made additional investments in security, investing an average of £46,000 ($63,000) -- in all cases taken from the wider IT budget. As a result, investments in security came at the expense of other IT services. With increased remote working set to continue in 98 percent of councils, attacks targeting employees at home is likely to continue to increase, and investing in security needs to become a priority.
"The fact that councils could move their employees to remote working without disrupting services needs to be recognised for the major achievement it was," says Darren Hedley, managing director, UK and Ireland at Insight. "However, councils now need to build on this success: putting in place and strengthening defences to protect remote workers and eliminate gaps in security that could allow attackers to threaten essential services. It's likely that many councils cannot do this alone. They need support and resources from central government, or else we will see more and more employees and councils falling victim to attackers."
Less than half (47 percent) of councils invested more of their security budget in increased security training for remote workers. At the same time, only six percent prevented any employees from working remotely because it wasn't possible to guarantee secure access to data. This is understandable given the need to switch rapidly to remote working, but only 50 percent of councils invested more in security posture assessments to understand the impact of the move to remote working and identify any gaps in security.