A COUNCIL has refused to comment on whether it has paid ransom money to the criminals who hacked its IT systems.

On February 8 the website and internal IT systems of Redcar and Cleveland Council were rendered completely inoperative following a cyber-attack on the local authority’s servers.

With the website still down on Wednesday, the council confirmed that they had been victims of a ransomware attack.

Ransomware attacks involve hackers scrambling the files of an organisation, often along with a threat to delete the data, unless a sum of money is paid.

On Wednesday, council leader, Cllr Mary Lanigan, said the attack was being investigated by the National Crime Agency and reassured residents that there was no indication any private information had been compromised.

On Thursday, Redcar and Cleveland Council refused to comment further and declined to answer questions regarding how much cash had been demanded or whether any money had been paid.

The Local Democracy Reporting Service understands however that no ransom money has been paid to the hackers.

On Thursday, Cllr Lanigan addressed the council chamber.

“The council was the victim of a serious ransomware cyber-attack on February 8,” she said.

“It’s important to stress that the criminal investigation is on-going but I would like to place on record my thanks and admiration for our staff and all of those who have responded to this complex and challenging situation.

“I would also like to thank our residents for the patience and resilience they have shown.

“Our priority since the attack is to protect our front-line services and to ensure the safety and well-being of the most vulnerable people in our community, while rebuilding our IT systems so they can return to full functionality.

“We have made significant progress since the incident took place, all front-line services have continued and although we cannot access all the data we previously held, we have recovered a large percentage of it from our back-ups.

“As it stands there is no evidence so far to suggest any personal information has been removed from our servers.

“We have been working closely with the national cyber security centre and other Government departments and I would like to thank them for the assistance they have provided.

“We have been informed that defence to our IT systems were in place but we will engage with the relevant authorities to ensure any lessons are learned and we will ensure our systems are as secure as possible in the future.”

In a previous statement, Cllr Lanigan had indicated that the council is rebuilding its systems rather than surrendering to the hackers’ demands.

“We have built a new server and website, and mobilised a temporary call centre,” she said.

“However, it may be some time before our IT capabilities are fully restored which may mean frustration for the public in dealing with us administratively.”

The full website remains offline but now displays a holding page with some limited functionality.

The National Crime Agency (NCA) is leading a criminal probe, while the National Cyber Security Centre (NCSC) has been at Redcar’s Heart HQ since the attack.

A NSCS spokesperson said: “We are aware of a cyber incident affecting Redcar and Cleveland Council.

“This is an isolated incident and we are supporting the organisation and working with partners to understand its impact.”

At a meeting of the council’s Governance Committee following the attack, independent member, Colin Monson, said IT security needed to be looked at as a priority and called the situation a “serious disaster”.

“I think this history of what has happened over the last couple of days is a clear indication that disaster recovery systems across the authority need a serious review,” he said.