RESIDENTS remain in limbo, left unable to check bin collection days, pay council tax or report problems via a council website after systems were brought down in a cyber-attack over a week ago.
Redcar and Cleveland Council’s website has been offline for over a week following a cyber-attack, which took place at 11am on Saturday, February 8.
Ian Gemski, Founder and Director of Sedgefield-based cybersecurity firm Tekgem, said cyber-attacks can be “very serious and devastating” and that it is "normal" for them to last over a week.
The council said there no update on the situation.
When visiting the site, an error message is displayed stating it is temporarily unavailable due to being overloaded or under maintenance, urging visitors to “please try later”.
Previously, the message said access denied.
While the council believe no personal data has been breached, its disaster recovery systems have come under fire in calls for an “urgent review”.
Redcar and Cleveland Council updated residents via Facebook: “As you will be aware, we are experiencing issues with our IT systems. We are still able to receive and answer limited calls and emails and we will be prioritising urgent messages.
“There may be a slight delay in dealing with non-urgent calls and messages, and the council's website is currently down.”
The nature of the attack is still unknown but the National Crime Agency is assisting the council.
A National Crime Agency spokesperson said: “The National Crime Agency is leading the criminal investigation into a recent cyber incident that is affecting Redcar & Cleveland Council.
"As our investigation is in its early stages we are unable to comment further at this time."
Mr Gemski said it’s “normal” for attacks to last over a week as malware can spread quickly across different computer networks, resulting in multiple problems that must be resolved.
“Attacks can be very serious and devastating if a company does not have proper protection,” he said.
“There are three options when this happens. If there is a robust backup, use it to recover systems. The issue with that is that it’s lengthy to restore everything to an operational status.
“Without a backup, all systems must be rebuilt from scratch. Here, there can be a severe loss of data.
“Number three, which we wouldn’t recommend, is pay the ransom in the case of ransomware. Some people do give into this, when they are in a desperate situation.”
The expert believes the attack was not targeted as malware attacks are carried out via bots - automated technology that crawls the internet looking for vulnerabilities and people to click a malicious link via email.
Norsk Hydro, a Norwegian aluminium and renewable energy company, is still recovering from a cyber-attack it suffered last year, which saw 22,000 computers across 170 different sites in 40 different countries hit with ransomware.
The council previously thanked residents for their patience via Twitter: “We are working hard to resolve the problem and we would like to thank residents for their continued patience at this time.”
Frontline services are being prioritised while the organisation restores its systems.
Comments: Our rules
We want our comments to be a lively and valuable part of our community - a place where readers can debate and engage with the most important local issues. The ability to comment on our stories is a privilege, not a right, however, and that privilege may be withdrawn if it is abused or misused.
Please report any comments that break our rules.
Read the rules here